summaryrefslogtreecommitdiffstats
path: root/contrib/bind/DNSSEC
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/bind/DNSSEC')
-rw-r--r--contrib/bind/DNSSEC39
1 files changed, 0 insertions, 39 deletions
diff --git a/contrib/bind/DNSSEC b/contrib/bind/DNSSEC
deleted file mode 100644
index 9230f86..0000000
--- a/contrib/bind/DNSSEC
+++ /dev/null
@@ -1,39 +0,0 @@
-$Id: DNSSEC,v 8.2 1999/10/12 18:23:27 ogud Exp $
-
-DNSSEC Notes:
-
-This file contains description of two interoperabilty problems related
-to DNSSEC that only affect sites using DNSSEC.
-
-1. All versions of bind-8 older than 8.2.2
-
-Between versions 8.2.1 and 8.2.2 the printed format of SIG records
-changed. As a result, using a signer, named and named-xfer of
-differrent versions will cause parsing errors on signed zonefiles.
-Included is an AWK program that converts old signed zone files to new
-new format, see contrib/dns_signer/add_labels.awk
-Usage: awk -f <path>/contrib/dns_signer/add_labels.awk <signed_zone >fixed_zone
-
-2. BIND-8.1 BIND-8.1.1 BIND-8.1.2 Interoperability
-
-If you wish to use BIND-8.1.x as a master server (either primary or
-secondary) for DNSSEC signed zone you MUST apply the following patch
-to the file src/bin/named/db_load.c. It fixes a bug that rejects
-valid RSA signatures on load.
-You can patch the file by running following command from this directory
- patch -d bin/named <DNSSEC
-
---- db_load.c.old Mon Oct 11 15:21:24 1999
-+++ db_load.c Mon Oct 11 15:21:38 1999
-@@ -1123,9 +1123,6 @@
- ERRTO("Signature too short");
- if (siglen > (NS_MD5RSA_MAX_BITS + 7) / 8)
- ERRTO("Signature too long");
-- /* We rely on cp from parse */
-- if (*cp == 0)
-- ERRTO("Signature starts with zeroes");
- break;
-
- case NS_ALG_EXPIRE_ONLY:
-
-
OpenPOWER on IntegriCloud