DNSSEC support in c-ares-1.18.1
brad at brad-house.com
Thu Jan 13 22:37:07 CET 2022
C-ares does not have the capability to perform DNSSEC validation on its
On 1/13/22 12:44 PM, Anant wrote:
> Thanks Brad! appreciate the quick response.
> Our query was in the context of a "Security-Aware Resolver" using
> C-ares. We were wondering if something similar to what "bind" provides
> is there in C-ares too.
> I see that there are some relevant changes in ares_nameser.h but do
> not see anything relevant while creating queries/parsing answers.
> Is C-ares not intended to be used by "Security-Aware Resolvers"?
> On Thu, 13 Jan 2022 at 22:07, Brad House via c-ares
> <c-ares at lists.haxx.se> wrote:
> DNSSEC verification is the responsibility of the DNS server, and
> not of the client side. The DNS server the client connects to
> performs the actual recursive lookups and performs the DNSSEC
> validation, so yes, you need to make sure the DNS server you are
> using is trusted.
> On 1/13/22 8:11 AM, Anant via c-ares wrote:
>> Do we have support for DNSSEC in 1.18.1?
>> Iam exploring the src and see that there are some relevant
>> changes in header files but I do not see that in query and answer
> c-ares mailing list
> c-ares at lists.haxx.se
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the c-ares