Can DNSSEC resolvers pass through all mangling CPEs?

Rick van Rein rick at openfortress.nl
Mon Jan 4 12:50:21 UTC 2016

Previous message (by thread): Can DNSSEC resolvers pass through all mangling CPEs?
Next message (by thread): Can DNSSEC resolvers pass through all mangling CPEs?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Tony / list,

> DNSSEC detects and blocks mangling, it does not bypass it.

Thanks, I know.

What I am wondering is if the approach of recursive resolution, not explicitly going through the CPE, suffices to avoid mangling.  The CPE *could* still force control over DNS traffic on account of target port 53, and I am wondering if this happens.

-Rick

Previous message (by thread): Can DNSSEC resolvers pass through all mangling CPEs?
Next message (by thread): Can DNSSEC resolvers pass through all mangling CPEs?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Unbound-users mailing list