default local DNS caching name server
paul at nohats.ca
Fri Apr 11 22:44:21 UTC 2014
On Fri, 11 Apr 2014, Bruno Wolff III wrote:
>> I'm not sure what you are trying to say here.
> It was a comment about ISPs changing TTLs (or other things). DNSSEC can be
> used to tell you the data might not be authoritative, but doesn't tell you
> what the correct information is.
First, TTLs you receive from a forwarder can always be manipulated, even
with DNSSEC - otherwise caching wouldn't work.
Second, I still don't understand the point. Are you suggesting it is
better to believe all DNS lies than to not know where the lies lead?
More information about the devel