On Sun, Aug 22, 2010 at 09:11:43AM -0400, ML wrote: > On 8/22/2010 2:38 AM, Mikael Abrahamsson wrote: > > No, because DNSSEC isn't secured all the way from the DNS server to the > > application, only to the resolver. Both systems have problems, I'd > > imagine the best security is when they work together. > > > > Is a DNSSEC capable stub resolver not in the cards? >
yes it is. unbound was originally designed for that very niche.
--bill
