[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNSSEC and SSL

Subject: DNSSEC and SSL
From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)
Date: Sun, 22 Aug 2010 21:34:02 +0000
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On Sun, Aug 22, 2010 at 09:11:43AM -0400, ML wrote:
> On 8/22/2010 2:38 AM, Mikael Abrahamsson wrote:
> > No, because DNSSEC isn't secured all the way from the DNS server to the
> > application, only to the resolver. Both systems have problems, I'd
> > imagine the best security is when they work together.
> > 
> 
> Is a DNSSEC capable stub resolver not in the cards?
> 

	yes it is. unbound was originally designed for that very niche.

--bill

Follow-Ups:
- DNSSEC and SSL
  - From: dot at dotat.at (Tony Finch)

References:
- DNSSEC and SSL
  - From: ml at kenweb.org (ML)
- DNSSEC and SSL
  - From: swmike at swm.pp.se (Mikael Abrahamsson)
- DNSSEC and SSL
  - From: ml at kenweb.org (ML)

Prev by Date: Other NOGs around the world?
Next by Date: DNSSEC and SSL
Previous by thread: DNSSEC and SSL
Next by thread: DNSSEC and SSL
Index(es):
- Date
- Thread