From 2578491baad30886054696922870baa7e613795a Mon Sep 17 00:00:00 2001
From: Hugo Landau <hlandau@devever.net>
Date: Tue, 19 Sep 2017 22:44:56 +0100
Subject: [PATCH] Mention DNSSEC Trigger.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes #40.

©! I, Hugo Landau <hlandau@devever.net>, hereby licence these changes under the
©! licence with SHA256 hash
©! fd80a26fbb3f644af1fa994134446702932968519797227e07a1368dea80f0bc.
---
 README.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index eecaa47..2e07dd8 100644
--- a/README.md
+++ b/README.md
@@ -136,10 +136,12 @@ Linux:
     a `.bit` domain. If you want to use DNSSEC, generate keys as shown above
     and configure ncdns appropriately.
 
-  - Install and setup the Unbound recursive resolver on your system. Set it up
-    to start at boot. See above for configuration suggestions. If you wish to
-    use DNSSEC, add the ncdns DNSKEY to Unbound as a trust anchor as shown
-    above. (Make sure Unbound listens only on localhost.)
+  - Install and setup the Unbound recursive resolver on your system. On most
+    systems, the recommended way to install Unbound is to install DNSSEC
+    Trigger, which installs and configures Unbound automatically.
+
+    If you wish to use DNSSEC, add the ncdns DNSKEY to Unbound as a trust
+    anchor as shown above. See above for configuration suggestions.
 
   - Edit `/etc/resolv.conf` to point to the Unbound resolver at 127.0.0.1.
     (If this file is generated automatically via DHCP or similar, you may