[dns-operations] Apple's support on client side DNSSEC validation

Davey Song songlinjian at gmail.com
Mon Jun 13 04:57:26 UTC 2022


Hi folks,

>From recent WWDC22, I learned that iOS 16 and macOS Ventura would support
client-side DNSSEC validation. If I understand correctly, the client-side
validation means stub resolver doing validation, right?  Does the stub
resolver also do the full validation along the chain of trust?  Wow, it is
a resource consumption process for handsets. Or the stub resolver just send
a DNS query with DO bit?

It is appreciated if people from apple on the list can brief us on the
considerations.

https://developer.apple.com/videos/play/wwdc2022/10079/  (start from 03:19)

Best regards,
Davey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20220613/64972cdd/attachment.html>


More information about the dns-operations mailing list