Re: dig and DNSSEC

On 2015-09-26, "Todd C. Miller" wrote: >> As Unbound/nsd are in base now, perhaps it could be easier to get >> drill in and drop dig ? > > That's a great idea. We'd need to add nslookup(1) and host(1) > wrappers though. Vitaly Magerya wrote a ldns-based host(1):

Re: dig and DNSSEC

On Sat, 26 Sep 2015 22:03:50 +0200, Denis Fondras wrote: > As Unbound/nsd are in base now, perhaps it could be easier to get > drill in and drop dig ? That's a great idea. We'd need to add nslookup(1) and host(1) wrappers though. - todd

Re: dig and DNSSEC

> dig and nslookup will remain in base. Go look in our tree at the contortions > required to keep them there, since ISC has created a mess of their own > libraries > and makes the 800 lines of nslookup and 7000 lines of dig use them. Hold your > nose when you look, ok? > As Unbound/nsd are in

Re: dig and DNSSEC

On 2015-09-25 15:05, Stuart Henderson wrote: Is there any chance that dig (src/usr.sbin/bind/bin/dig/) could be build with -DDIG_SIGCHASE to enable dnssec verification in future releases? Where would be a proper place to request that? I've just added this to the ports version of BIND

Re: dig and DNSSEC

>By any chance, once the base version of bind is being phased out, do you >know if there will still be a dig(1) in the base? dig and nslookup will remain in base. Go look in our tree at the contortions required to keep them there, since ISC has created a mess of their own libraries and makes

Re: dig and DNSSEC

On 2015-09-24, Etienne wrote: > Hello there, > > Is there any chance that dig (src/usr.sbin/bind/bin/dig/) could be build > with -DDIG_SIGCHASE to enable dnssec verification in future releases? > Where would be a proper place to request that? > > Cheers, > I've