Can DNSSEC resolvers pass through all mangling CPEs?
Rick van Rein
rick at openfortress.nl
Mon Jan 4 12:50:21 UTC 2016
Hi Tony / list,
> DNSSEC detects and blocks mangling, it does not bypass it.
Thanks, I know.
What I am wondering is if the approach of recursive resolution, not explicitly going through the CPE, suffices to avoid mangling. The CPE *could* still force control over DNS traffic on account of target port 53, and I am wondering if this happens.
More information about the Unbound-users