22 Aug
2010
22 Aug
'10
5:34 p.m.
On Sun, Aug 22, 2010 at 09:11:43AM -0400, ML wrote:
On 8/22/2010 2:38 AM, Mikael Abrahamsson wrote:
No, because DNSSEC isn't secured all the way from the DNS server to the application, only to the resolver. Both systems have problems, I'd imagine the best security is when they work together.
Is a DNSSEC capable stub resolver not in the cards?
yes it is. unbound was originally designed for that very niche. --bill