On Dec 17, 2008, at 11:13 PM, Wietse Venema wrote:
What are the application-visible changes? If one relies on BIND etc. for validation, where does DNSSEC affect the application? Postfix uses the standard resolver library but these calls are entirely encapsulated in a single module.
First off, the easiest way to use DNSSEC with Postfix is to run a DNSSEC enabled resolver on localhost (BIND or Unbound), with trust anchors for the appropriate TLDs.
We, .SE, have added support for DNSSEC to DKIM-Milter, the patch is published here:
http://opensource.iis.se/dkim/ It is based on libunbound.DKIM-Milter has added the patch to 2.8.0 beta which is up for testing right now.
-- patrik_wallstrom->foodfight->pa...@blipp.com->+46-733173956
smime.p7s
Description: S/MIME cryptographic signature
