diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-01-06 00:59:51 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-01-06 01:04:23 +0100 |
| commit | 30c778094b90a637c6691c462a66df81eeb865b5 (patch) | |
| tree | b45d1e3557d558e9c4fa267f01828f4698b94803 /man | |
| parent | b3331c3970fe4aa08eed1a6864080e57a3fbbbd8 (diff) | |
resolved: populate negative trust anchor by default
Let's increase compatibility with many private domains by default, and
ship a default NTA list of wel-known private domains, where it is
unlikely they will be deployed as official TLD anytime soon.
Diffstat (limited to 'man')
| -rw-r--r-- | man/dnssec-trust-anchors.d.xml | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/man/dnssec-trust-anchors.d.xml b/man/dnssec-trust-anchors.d.xml index 9a7cf3c881..5f15d7cd59 100644 --- a/man/dnssec-trust-anchors.d.xml +++ b/man/dnssec-trust-anchors.d.xml @@ -175,6 +175,10 @@ <para><ulink url="https://tools.ietf.org/html/rfc7646">RFC 7646</ulink> for details on negative trust anchors.</para> + + <para>If no negative trust anchor files are configured a built-in + set of well-known private DNS zone domains is used as negative + trust anchors.</para> </refsect1> <refsect1> |