6 Nov
2007
6 Nov
'07
1:55 a.m.
David Conrad wrote:
On Nov 5, 2007, at 2:13 PM, Bora Akyol wrote:
Do common endpoints (Windows Vista/XP, MacOS X 10.4/5) support DNSSEC Validation? If not, then do people have a choice?
Yes and no.
Of course, nobody supports the "Evil bit" today, so some change would be necessary one way or the other to deal with this. One wonders whether Verizon's behavior is enough to cause Microsoft to turn on a caching resolver. One issue Dave didn't raise is that firewalls often block DNS requests from OTHER than caching resolvers. Cough. So, how much is that NXDOMAIN worth to you? Eliot