DNSSEC support in c-ares-1.18.1
Anant
anantkishorsharma at gmail.com
Thu Jan 13 18:44:57 CET 2022
Thanks Brad! appreciate the quick response.
Our query was in the context of a "Security-Aware Resolver" using C-ares.
We were wondering if something similar to what "bind" provides is there in
C-ares too.
I see that there are some relevant changes in ares_nameser.h but do not see
anything relevant while creating queries/parsing answers.
Is C-ares not intended to be used by "Security-Aware Resolvers"?
Regards
Anant
On Thu, 13 Jan 2022 at 22:07, Brad House via c-ares <c-ares at lists.haxx.se>
wrote:
> DNSSEC verification is the responsibility of the DNS server, and not of
> the client side. The DNS server the client connects to performs the actual
> recursive lookups and performs the DNSSEC validation, so yes, you need to
> make sure the DNS server you are using is trusted.
>
> On 1/13/22 8:11 AM, Anant via c-ares wrote:
>
> Hi,
>
> Do we have support for DNSSEC in 1.18.1?
>
> I am exploring the src and see that there are some relevant changes in
> header files but I do not see that in query and answer handling.
> Regards
> Anant
>
>
> --
> c-ares mailing list
> c-ares at lists.haxx.se
> https://lists.haxx.se/listinfo/c-ares
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.haxx.se/pipermail/c-ares/attachments/20220113/083832df/attachment.htm>
More information about the c-ares
mailing list