diff options
Diffstat (limited to 'contrib/bind/doc/secure/readme.txt')
| -rw-r--r-- | contrib/bind/doc/secure/readme.txt | 93 |
1 files changed, 0 insertions, 93 deletions
diff --git a/contrib/bind/doc/secure/readme.txt b/contrib/bind/doc/secure/readme.txt deleted file mode 100644 index d7b422a..0000000 --- a/contrib/bind/doc/secure/readme.txt +++ /dev/null @@ -1,93 +0,0 @@ - - Secure DNS (TIS/DNSSEC) - September 1996 - -Copyright (C) 1995,1996 Trusted Information Systems, Incorporated - -Trusted Information Systems, Inc. has received approval from the -United States Government for export and reexport of TIS/DNSSEC -software from the United States of America under the provisions of -the Export Administration Regulations (EAR) General Software Note -(GSN) license exception for mass market software. Under the -provisions of this license, this software may be exported or -reexported to all destinations except for the embargoed countries of -Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria. Any export -or reexport of TIS/DNSSEC software to the embargoed countries -requires additional, specific licensing approval from the United -States Government. - -Trusted Information Systems, Inc., is pleased to -provide a reference implementation of the secure Domain Name System -(TIS/DNSSEC). In order to foster acceptance of secure DNS and provide -the community with a usable, working version of this technology, -TIS/DNSSEC is being made available for broad use on the following basis. - -- Trusted Information Systems makes no representation about the - suitability of this software for any purpose. It is provided "as is" - without express or implied warranty. - -- TIS/DNSSEC is distributed in source code form, with all modules written - in the C programming language. It runs on many UNIX derived platforms - and is integrated with the Bind implementation of the DNS protocol. - -- This beta version of TIS/DNSSEC may be used, copied, and modified for - testing and evaluation purposes without fee during the beta test - period, provided that this notice appears in supporting documentation - and is retained in all software modules in which it appears. Any other - use requires specific, written prior permission from Trusted Information - Systems. - -TIS maintains the email distribution list dns-security@tis.com for -discussion of secure DNS. To join, send email to - dns-security-request@tis.com. - -TIS/DNSSEC technical questions and bug reports should be addressed to - dns-security@tis.com. - -To reach the maintainers of TIS/DNSSEC send mail to - tisdnssec-support@tis.com - -TIS/DNSSEC is a product of Trusted Information Systems, Inc. - -This is an beta version of Bind with secure DNS extensions it uses -RSAREF which you must obtain separately. - -Implemented and tested in this version: - Portable key storage format. - Improved authentication API - Support for using different authentication packages. - All Security RRs including KEY SIG, NXT, and support for wild cards - tool for generating KEYs - tool for signing RRs in boot files - verification of RRs on load - verification of RRs over the wire - transmission of SIG RRs - returns NXT when name and/or type does not exist - storage of NXT, KEY, and SIG RRs with CNAME RR - AD/ID bits added to header and setting of these bits - key storage and retrieval - dig and nslookup can display new header bits and RRs - AXFR signature RR - keyfile directive - $SIGNER directive (to turn on and off signing) - adding KEY to answers with NS or SOA - SOA sequence numbers are now set each time zone is signed - SIG AXFR ignores label count of names - generation and inclusion of .PARENT files - Returns only one NXT at delegation points unless two are required - Expired SIG records are now returned in response to query - -Implemented but not fully tested: - -Known bugs: - -Not implemented: - ROUND_ROBIN behaviour - zone transfer in SIG(AXFR) sort order. - transaction SIGs - verification in resolver. (stub resolvers must trust local servers - resolver library is to low level to implement security) - knowing when to trust the AD bit in responses - -Read files INSTALL_SEC and USAGE_SEC for installation and user -instructions, respectively. |
