nanog mailing list archives

Re: DNSSEC and SSL

From: Wes Hardaker <wjhns61 () hardakers net>
Date: Mon, 23 Aug 2010 07:31:36 -0700

On Sun, 22 Aug 2010 21:57:27 +0200, Mans Nilsson <mansaxel () besserwisser org> said:


MN> The best option today is to run a full-service resolver on the host;

The DNSSEC-Tools project has instrumented a large number of applications
with an in-application validating resolver.  Including OpenSSH (with a
new auto-accept-keys option!), sendmail, postfix, libspf, thunderbird,
lftp, wget, ncftp, ...
-- 
Wes Hardaker                                     
My Pictures:  http://capturedonearth.com/
My Thoughts:  http://pontifications.hardakers.net/

Current thread:

DNSSEC and SSL ML (Aug 21)
- Re: DNSSEC and SSL Gary Buhrmaster (Aug 21)
- Re: DNSSEC and SSL Mikael Abrahamsson (Aug 21)
  - Re: DNSSEC and SSL ML (Aug 22)
    - Re: DNSSEC and SSL Mans Nilsson (Aug 22)
    - Re: DNSSEC and SSL bmanning (Aug 22)
    - Re: DNSSEC and SSL Wes Hardaker (Aug 23)
    - Re: DNSSEC and SSL Tony Finch (Aug 23)
    - Re: DNSSEC and SSL Curtis Maurand (Aug 23)
    - Re: DNSSEC and SSL Doug Barton (Aug 23)
    - Re: DNSSEC and SSL bmanning (Aug 22)
    - Re: DNSSEC and SSL Tony Finch (Aug 23)
    - Re: DNSSEC and SSL Jakob Schlyter (Aug 23)
- Re: DNSSEC and SSL Jakob Schlyter (Aug 22)
- Re: DNSSEC and SSL Rubens Kuhl (Aug 23)
  - Re: DNSSEC and SSL Barry Shein (Aug 23)