Rename dns_use_dnssec to dns_dnssec_ok.

This per Tony's suggestion; this makes it clearer that we are merely setting resolver flags, not performing validation ourselves. Well, clearer to those who understand DNSSEC. For everyone else, they'll still be dependent upon a forthcoming new chapter to the Specification.
author: Phil Pennock <pdp@exim.org> 2013-03-23 19:46:22 -0400
committer: Phil Pennock <pdp@exim.org> 2013-03-23 19:46:22 -0400
commit: 0fbd9bff71b47e3a32e54629c3f67e7eda1812fe (patch)
tree: 45fa251f29cdba3c88b2deae8b6dceccbbe3e09f /doc/doc-txt/NewStuff
parent: 26e72755c101f59e24735e9ca9a320d5f1ebc2b7 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 47c5f6fec..ab8589e53 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -32,10 +32,11 @@ Version 4.82
     Unless you really know what you are doing, leave it alone.
 
  4. If not built with DISABLE_DNSSEC, Exim now has the main option
-    dns_use_dnssec; if set to 1 then Exim will initialise the resolver library
+    dns_dnssec_ok; if set to 1 then Exim will initialise the resolver library
     to send the DO flag to your recursive resolver.  If you have a recursive
     resolver, which can set the Authenticated Data (AD) flag in results, Exim
-    can now detect this.
+    can now detect this.  Exim does not perform validation itself, instead
+    relying upon a trusted path to the resolver.
 
     Current status: work-in-progress; $sender_host_dnssec variable added.
author	Phil Pennock <pdp@exim.org>	2013-03-23 19:46:22 -0400
committer	Phil Pennock <pdp@exim.org>	2013-03-23 19:46:22 -0400
commit	0fbd9bff71b47e3a32e54629c3f67e7eda1812fe (patch)
tree	45fa251f29cdba3c88b2deae8b6dceccbbe3e09f /doc/doc-txt/NewStuff
parent	26e72755c101f59e24735e9ca9a320d5f1ebc2b7 (diff)