crypto-validated?

fred pasteck fred_pasteck at yahoo.com
Tue Dec 19 20:47:28 UTC 2000


> The AD bit should only be set if the server sending
> the answer is
> DNSSEC-aware and has validated the cryptographic
> signature(s) on the
> resource record(s) in the answer. DNSSEC - Secure

How does it validate the remote box if it doesn't
already have some type of identification such as a
key?

> lookup. Strong hash algorithms like SHA or MD5
> allied to public-key
> cryptography are used to implement DNSSEC. Some of

Ah, so there is no key, just a hash?

Are there specific options that must be configured to
enable DNSSEC?

Thanks again.

__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/



More information about the bind-users mailing list