On Nov 5, 2007, at 2:13 PM, Bora Akyol wrote:
Do common endpoints (Windows Vista/XP, MacOS X 10.4/5) support DNSSEC Validation? If not, then do people have a choice?
Yes and no. If you run your own caching server and that caching server supports DNSSEC and you enable DNSSEC and set up/maintain the trust anchors, then yes. So yes, pedantically speaking, there is a choice. Pragmatically speaking, I doubt this is really an option for any but the geekiest and/or terminally paranoid. Even the first bit of the previous "if" statement is probably beyond most... Regards, -drc P.S. From experience, running your own caching server can result in problems when connecting via T-Mobile hotspot and some hotel authentication abominations... (sigh).