morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-15 00:47:10 +09:00
Code Issues Packages Projects Releases Wiki Activity

man/resolve: update DNSSEC description

Browse Source 
This behavior was changed.

Fixes: 9c47b33444 ("resolved: enable DNS proxy mode if client wants DNSSEC")
This commit is contained in:
Ronan Pigott
2024-03-06 18:08:00 -07:00
committed by Luca Boccassi
parent 5e418fe32a
commit 4e17de7fee
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
man/resolved.conf.xml
View File

@@ -170,9 +170,7 @@
downgrade to non-DNSSEC mode by synthesizing a DNS response that suggests DNSSEC was not
supported.</para>
<para>If set to false, DNS lookups are not DNSSEC validated. In this mode, or when set to
<literal>allow-downgrade</literal> and the downgrade has happened, the resolver becomes
security-unaware and all forwarded queries have DNSSEC OK (DO) bit unset.</para>
<para>If set to false, DNS lookups are not DNSSEC validated.</para>
<para>Note that DNSSEC validation requires retrieval of additional DNS data, and thus results in a
small DNS lookup time penalty.</para>