From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from MAIL1.WPI.EDU (MAIL1.WPI.EDU [130.215.36.91]) by huchra.bufferbloat.net (Postfix) with ESMTP id 371F321F1E8 for ; Sun, 13 Apr 2014 10:59:44 -0700 (PDT) Received: from MAIL1.WPI.EDU (MAIL1.WPI.EDU [130.215.36.91]) by MAIL1.WPI.EDU (8.14.8/8.14.8) with ESMTP id s3DHxhDC012145 for ; Sun, 13 Apr 2014 13:59:43 -0400 X-DKIM: Sendmail DKIM Filter v2.8.3 MAIL1.WPI.EDU s3DHxhDC012145 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wpi.edu; s=_dkim; t=1397411983; bh=Mbfv76/iHjlRbSf05qozyJqWaB1pzOyEp3w2MeHogZI=; h=Date:From:To:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Transfer-Encoding:In-Reply-To; b=c+kn85VOhAA0YF1yO0pWycKVTITPVoYwpHeShw4N8KnMlon79fMp0QQ5Lfx1trjO2 2wZhTYqts9iX2KJFQ5hqbEbdhW4oZSgiHDhoCbvqTjUvQJgiLIw012jQn/z6AOknmC bnc38Hx6ZVgJfg8sga7afXM70aD+4DPcKFPE2USQ= Received: from MX3.WPI.EDU (mx3.wpi.edu [130.215.36.147]) by MAIL1.WPI.EDU (8.14.8/8.14.8) with ESMTP id s3DHxhTd012141 for ; Sun, 13 Apr 2014 13:59:43 -0400 Received: from angus.ind.WPI.EDU (ANGUS.IND.WPI.EDU [130.215.130.21]) by MX3.WPI.EDU (8.14.4/8.14.4) with ESMTP id s3DHxgck018165 for ; Sun, 13 Apr 2014 13:59:42 -0400 (envelope-from cra@WPI.EDU) Received: from angus.ind.WPI.EDU (localhost [127.0.0.1]) by angus.ind.WPI.EDU (8.14.4/8.14.4) with ESMTP id s3DHxfQl016778 for ; Sun, 13 Apr 2014 13:59:41 -0400 Received: (from cra@localhost) by angus.ind.WPI.EDU (8.14.4/8.14.4/Submit) id s3DHxfDj016777 for cerowrt-devel@lists.bufferbloat.net; Sun, 13 Apr 2014 13:59:41 -0400 X-Authentication-Warning: angus.ind.WPI.EDU: cra set sender to cra@WPI.EDU using -f Date: Sun, 13 Apr 2014 13:59:41 -0400 From: Chuck Anderson To: cerowrt-devel@lists.bufferbloat.net Message-ID: <20140413175940.GP16334@angus.ind.WPI.EDU> Mail-Followup-To: cerowrt-devel@lists.bufferbloat.net References: <1c739791-2058-4267-bc41-789496d74faf@email.android.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1c739791-2058-4267-bc41-789496d74faf@email.android.com> User-Agent: Mutt/1.5.20 (2009-12-10) Subject: Re: [Cerowrt-devel] Full blown DNSSEC by default? X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Apr 2014 17:59:44 -0000 On Sun, Apr 13, 2014 at 12:05:19PM +0200, Toke Høiland-Jørgensen wrote: > > > Is there a "D"? > > Running a full resolver in cerowrt? I've been running a dnssec-enabled bind for some time on my boxes (prior to dnssec support in dnsmasq). How do these proposals compare with unbound+dnssec-trigger in the Fedora world? I stirred up a rats nest: https://lists.fedoraproject.org/pipermail/devel/2014-April/197755.html I realize these are slightly different use cases, but it may be helpful to learn from the different implementations, if for no other reason than to be sure they interoperate. I'm going to turn on unbound+dnssec-trigger on my laptop and try it behind Cerowrt w/DNSSEC turned on to see what happens...