[dns-operations] More DNSSEC validators to expect

Peter van Dijk peter.van.dijk at powerdns.com
Mon May 30 15:37:51 UTC 2016

Hello Paul,

On 24 May 2016, at 7:00, Paul Wouters wrote:

> As it uses nsswitch, it will also still do all of this even if you
> run a local validating nameserver. Since systemd-resolved itself
> does not cache, at least over time you will get a better chance
> of not getting poisoned, if you do run a local DNS server.

Are you sure it does not cache? The man page says it does, and so does 
this (old!) message: http://seclists.org/oss-sec/2014/q4/592

Kind regards,
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

More information about the dns-operations mailing list