Value of a DNSSEC validating resolver
John Thurston
john.thurston at alaska.gov
Fri Dec 1 21:13:58 UTC 2023
At first glance, the concept of a validating resolver seemed like a good
idea. But in practice, it is turning out to be a hassle.
I'm starting to think, "If my clients want their answers validated, they
should do it." If they *really* care about the quality of the answers
they get, why should my clients be trusting *me* to validate them?
Can someone make a good case to me for continuing to perform DNSSEC
validation on my central resolvers?
--
--
Do things because you should, not just because you can.
John Thurston 907-465-8591
John.Thurston at alaska.gov
Department of Administration
State of Alaska
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20231201/a0c02fb7/attachment.htm>
More information about the bind-users
mailing list