Murray S. Kucherawy, 2011-03-28 07:39 UTC-0700:
> [please subscribe to the list so we don't have to manually approve your posts]
Sorry for that, but I do not really want to subscribe to a mailing-list
for only posting one or two messages. I would if I planned to discuss
about OpenDKIM for some time, but I do not.
> > However, I could not find what was an insecure key and an insecure DNS
> > record. Grepping the source code, I guess that this means that the key
> > or the policy DNS record is not DNSSEC'ed. If this is right, may I
> > prepare a patch against the manpage?
>
> Sure, send it along. You're right that they mean the key/policy record was retrieved while you're using DNSSEC (i.e., you compiled against unbound) but the data thus retrieved were not protected by DNSSEC.
Here is the patch then.
--
Tanguy Ortolo
Received on Mon Mar 28 2011 - 15:10:19 PST