[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Jessie release goal: DNSSEC as default recursive resolver

On Sat, Oct 26, 2013 at 08:57:54PM +0200, Marco d'Itri wrote:
> On Oct 26, Thomas Goirand <zigo@debian.org> wrote:
> > I'd find it very nice if we had, by default, DNSSEC resolving in Debian,
> > at least in the "default" configuration (whatever that means). By this,
> I agree with the general principle, but I do not think that a recursive 
> resolver should be installed by default on every system. This would 
> violate a lot of reasonable expectations...

How would you do "secure" DNSSEC resolution without a recursive
resolver?  Right now there is no possibility to ask the resolver for all
security related records beginning from . to check it yourself.


Youth doesn't excuse everything.
		-- Dr. Janice Lester (in Kirk's body), "Turnabout Intruder",
		   stardate 5928.5.

Reply to: