silly footnote ;)

2023-01-15 08:32:33 +01:00 · 2023-01-15 08:32:33 +01:00 · 4ae9e2c797
commit 4ae9e2c797
parent 7540e3f554
1 changed files with 2 additions and 1 deletions
--- a/VerifyHostKeyDNS.org
+++ b/VerifyHostKeyDNS.org
@ -64,7 +64,8 @@ needs to have the /Authentic Data (AD)/ flag set. The flag gets set
 when a validating name-server is asked for the SSHFP record, it finds
 it and it can validate the answer using DNSSEC.

-But then the libc stub resolver[fn:: The thingy that ssh uses to talk
+But then the libc stub resolver[fn:: The thingy[fn:: Thingy is a
+technical term, don't worry about it.] that ssh uses to talk
 to the validating name-server. On OpenBSD that is [[https://man.openbsd.org/man3/asr_run.3][asr]].] gets that
 answer it will strip the AD flag for security reasons. You see, it
 does not know that it can trust the validating name-server. One way to