diff --git a/doc/README.tests b/doc/README.tests index e6a39ca2b..1279d755b 100644 --- a/doc/README.tests +++ b/doc/README.tests @@ -6,6 +6,7 @@ To make and run the tests. The results are summarized at the end. You need to have the following programs installed and in your PATH. * dig - from the bind-tools package. Used to send DNS queries. +* wdiff - used for word-by-word comparisons. * splint (optional) - for lint test * doxygen (optional) - for doc completeness test * ldns-testns (optional) - from ldns examples. Used as DNS auth server. diff --git a/doc/control_proto_spec.txt b/doc/control_proto_spec.txt index f6d330e1a..67bbc915d 100644 --- a/doc/control_proto_spec.txt +++ b/doc/control_proto_spec.txt @@ -62,5 +62,4 @@ local_data local_data_add www.example.com. IN A 192.0.2.2 if no local_zone exists for it; a transparent zone with the same name as the data is created. - - +Other commands in the unbound-control manual page. diff --git a/doc/example.conf.in b/doc/example.conf.in index a5d7ada06..4a0652278 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -344,7 +344,7 @@ server: # val-bogus-ttl: 60 # The signature inception and expiration dates are allowed to be off - # by 10% of the lifetime of the signature from our local clock. + # by 10% of the signature lifetime (expir-incep) from our local clock. # This leeway is capped with a minimum and a maximum. In seconds. # val-sig-skew-min: 3600 # val-sig-skew-max: 86400 diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 5cc9237de..efda17fe5 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -581,17 +581,19 @@ you are debugging signature inception and expiration. .TP .B val\-sig\-skew\-min: \fI Minimum number of seconds of clock skew to apply to validated signatures. -A value of 10% of the signature lifetime is used, capped by this setting. -Default is 3600 (1 hour) which allows for daylight savings differences. -Lower this value for more strict checking of short lived signatures. +A value of 10% of the signature lifetime (expiration \- inception) is +used, capped by this setting. Default is 3600 (1 hour) which allows for +daylight savings differences. Lower this value for more strict checking +of short lived signatures. .TP .B val\-sig\-skew\-max: \fI Maximum number of seconds of clock skew to apply to validated signatures. -A value of 10% of the signature lifetime is used, capped by this setting. -Default is 86400 (24 hours) which allows for timezone setting problems in -stable domains. Setting both min and max very low disables the clock skew -allowances. Setting both min and max very high makes the validator check -the signature timestamps less strictly. +A value of 10% of the signature lifetime (expiration \- inception) +is used, capped by this setting. Default is 86400 (24 hours) which +allows for timezone setting problems in stable domains. Setting both +min and max very low disables the clock skew allowances. Setting both +min and max very high makes the validator check the signature timestamps +less strictly. .TP .B val\-bogus\-ttl: \fI The time to live for bogus data. This is data that has failed validation;