On Thu, Jan 25, 2001 at 09:49:39PM +1100, David Kempe uttered:
>
> Just looking up a server i was connecting to i get this from nslookup:
>
> davehome:/home/dave# nslookup 141.213.4.21
> Server: washington.apic.net
> Address: 203.22.101.1
>
> Answer crypto-validated by server:
> Name: bigfoot.eecs.umich.edu
> Address: 141.213.4.21
>
> What does crypto-validated mean? I haven't seen it before.
> I'm on debian unstable. Not sure what washington is running... i thought it
> was BSD.
>
Inrelavent.
The version of BIND that washington.apic.net is running has a few extra options. :-)
Namely:
key <key-name> {
algorithm hmac-md5;
secret "<key-string from key file>";
};
server <IP of other server> {
transfer-format many-answers;
keys { <key-name>; };
};
Or, something very similar.
Read RFC 2535 (DNSSEC) for more details.
> dave
>
>
> --
> SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> More Info: http://slug.org.au/lists/listinfo/slug
>
--
Steve
"I'm a sysadmin because I couldn't beat a blind monkey in a coding contest."
--Me
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
