[Dnsmasq-discuss] DNSSEC
clemens fischer
ino-news at spotteswoode.dnsalias.org
Thu Jul 22 21:25:20 BST 2010
Simon Kelley wrote:
> Tim Ashby wrote:
>
>> Will dnsmasq be supporting DNSSEC any time soon? Is it currently in
>> development?
>
> What do you mean by "support"? Dnsmasq follows the guidelines for DNS
> proxies in RFC 5625 so that it won't get in the way of a DNSSEC-aware
> resolver which is channeling queries through dnsmasq.
>
> More support than that (for local DNS records, for instance) is not in
> the plan.
I imagine he meant validation of signed records, traversing the DS chain
etc. My answer would be: this is not what dnsmasq is for. People
should use bind9, unbind or somesuch for that.
clemens
More information about the Dnsmasq-discuss
mailing list