[dns-operations] security-aware stub resolver
peter at peter-dambier.de
Thu May 22 11:32:14 UTC 2008
almost sorry to mention dnscache (djbdns) here.
It is not for the unsuspecting enduser, but when we did
have problems with Nordrhein-Westfalen faking DNS-zones
we found out all the djbdns people were imune.
We could turn bind caches into bind resolvers using
no more forwarders but djbdns proofed to be optimum
The only issue occured with people logging into public WLANs.
But we did find out how to connect them too.
Lutz Donnerhacke wrote:
> * Joe Abley wrote:
>> Is anybody aware of an implementation of a security-aware stub
>> resolver outside of the laboratory? That is, a security-aware stub
>> resolver that has a noticeable user base in the real world, for any
>> values of "noticeable" and "real world" that seems sensible to you?
> draft-donnerhacke-sidr-bgp-verification-dnssec heavily rely on such an stup
> resolver in embedded devices like routers. But those are currently
> laboratory developments only.
> dns-operations mailing list
> dns-operations at lists.oarci.net
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
More information about the dns-operations