upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-05 14:29:37 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

better explanation tekst

Browse source 
git-svn-id: file:///svn/unbound/trunk@2263 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2010-09-29 07:47:42 +00:00
parent 67897d9c0d
commit c9d34cdecf
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
smallapp/unbound-anchor.c
View file

@ -71,6 +71,11 @@
* RFC5011-tracking with its builtin DS anchors; if that fails it
* bootstraps the RFC5011-tracking using the certificate. (again to avoid
* https, and it is also faster).
*
* It uses the XML file by converting it to DS records and writing that to the
* key file. Unbound can detect that the 'special comments' are gone, and
* the file contains a list of normal DNSKEY/DS records, and uses that to
* bootstrap 5011 (the KSK is made VALID).
*
* The certificate update is done by fetching root-anchors.xml and
* root-anchors.p7s via SSL. The HTTPS certificate can be logged but is