[Cerowrt-devel] Full blown DNSSEC by default?

Chuck Anderson cra at WPI.EDU
Sun Apr 13 13:59:41 EDT 2014


On Sun, Apr 13, 2014 at 12:05:19PM +0200, Toke Høiland-Jørgensen wrote:
> 
> > Is there a "D"?
> 
> Running a full resolver in cerowrt? I've been running a dnssec-enabled bind for some time on my boxes (prior to dnssec support in dnsmasq).

How do these proposals compare with unbound+dnssec-trigger in the
Fedora world?  I stirred up a rats nest:

https://lists.fedoraproject.org/pipermail/devel/2014-April/197755.html

I realize these are slightly different use cases, but it may be
helpful to learn from the different implementations, if for no other
reason than to be sure they interoperate.  I'm going to turn on
unbound+dnssec-trigger on my laptop and try it behind Cerowrt w/DNSSEC
turned on to see what happens...



More information about the Cerowrt-devel mailing list