[dns-operations] DNSSEC impact on applications was Re: security-aware stub resolver
Matthew Pounsett
matt.pounsett at cira.ca
Tue May 27 15:29:36 UTC 2008
On 27-May-2008, at 10:50 , David Conrad wrote:
>
> OK. But the concern is with "duplicated backbone and authority server
> traffic".
I think some people are making the assumption that a validating cache
which replaces a stub resolver would still always talk to the same
local cache(s) that the stub resolver did. So any responses that need
to be validated could be obtained from that intermediate cache, rather
than directly from the authoritative servers. In that scenario the
authoritative servers would see exactly the same traffic that they'd
see with a stub resolver in place.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080527/415a6172/attachment.sig>
More information about the dns-operations
mailing list