16 Feb
2007
16 Feb
'07
9:24 a.m.
* Roy Arends wrote:
Note that with end user validation, and well established methods to update the end users' certificate store, we might be well on our way.
See also: http://dnss.ec/blog/?p=10
IBTD. You can run a caching validating on your own system. If you do not want this, you have to use a stub resolver. A stub resolver means, that you have a established link to an authenitcated resolver. This resolver has to do the DNSSEC validation. If your application want's to validate DNSSEC itself, ther exists a request format to get the responses unvalidated. Following this proposal in the blog, DNSSEC is dead.