[Openswan Users] DNSSEC opportunistic encryption: just a beautiful dream?
darkbasic at linuxsystems.it
Sun Mar 11 12:38:38 EDT 2012
Il 11/03/2012 17:22, Paul Wouters ha scritto:
> yum install dnssec-trigger
Unfortunately I don't use Fedora and my intention is to put openswan
directly in the gateway, not in the single clients.
All clients do already use a local validating resolver (bind), but I
really don't know how to do the following steps:
> 4) if received, unbound runs an ipsec whack command that pushes the
> IP from the A/AAAA record with the IPSECKEY obtained RSA key into
> 5) pluto loads the policy, meaning it will %trap packets to the IP
> 6) unbound releases the A/AAAA to firefox
More information about the Users