<div dir="ltr"><div class="gmail_default" style="font-family:courier new,monospace">Thanks Brad! appreciate the quick response.<br></div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">Our query was in the context of a "Security-Aware Resolver" using C-ares. We were wondering if something similar to what "bind" provides is there in C-ares too. <br></div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">I see that there are some relevant changes in ares_nameser.h but do not see anything relevant while creating queries/parsing answers.</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">Is C-ares not intended to be used by "Security-Aware Resolvers"?</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><span style="font-family:courier new,monospace">Regards</span><br style="font-family:courier new,monospace"><span style="font-family:courier new,monospace">Anant</span><br></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 13 Jan 2022 at 22:07, Brad House via c-ares <<a href="mailto:c-ares@lists.haxx.se">c-ares@lists.haxx.se</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
DNSSEC verification is the responsibility of the DNS server, and not
of the client side. The DNS server the client connects to performs
the actual recursive lookups and performs the DNSSEC validation, so
yes, you need to make sure the DNS server you are using is trusted.<br>
<br>
<div>On 1/13/22 8:11 AM, Anant via c-ares
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_default" style="font-family:courier new,monospace">Hi,</div>
<div class="gmail_default" style="font-family:courier new,monospace"><br>
</div>
<div class="gmail_default" style="font-family:courier new,monospace">Do we have support for DNSSEC in 1.18.1?</div>
<div>
<div dir="ltr"><br>
</div>
<div dir="ltr"><span class="gmail_default" style="font-family:courier new,monospace">I</span><span class="gmail_default" style="font-family:courier new,monospace"> am exploring the src and see that there
are some relevant changes in header files but I do not see
that in query and answer handling.</span></div>
<div dir="ltr"><span class="gmail_default" style="font-family:courier new,monospace"></span>
<div dir="ltr"><span style="font-family:courier new,monospace">Regards</span><br style="font-family:courier new,monospace">
<span style="font-family:courier new,monospace">Anant</span><br>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
</blockquote>
<br>
</div>
-- <br>
c-ares mailing list<br>
<a href="mailto:c-ares@lists.haxx.se" target="_blank">c-ares@lists.haxx.se</a><br>
<a href="https://lists.haxx.se/listinfo/c-ares" rel="noreferrer" target="_blank">https://lists.haxx.se/listinfo/c-ares</a><br>
</blockquote></div>