On 14. 7. 25 10:54, Graham Leggett wrote:
On 13 Jul 2025, at 21:48, Branko Čibej<br...@apache.org> wrote:
I don't really care where this happens, but I've been badly bitten by
synchronous DNS lookups -- essentially I had to create a separate thread pool
for DNS lookups with callbacks into the main context loop. It works, but one
shouldn't have to do that.
One request - wherever there is an underlying option to support DNSSEC we should do so.
In unbound it is a single optional call to set the root key. There is no need to
implement anything other than the "on switch".
That's kind of obvious. These days, supporting DNS without the *SEC
would be like implementing HTTP without the *S.
This means serf can support things like DANE.
Regards,
Graham
--
