On Saturday, January 15, 2011, Stuart Henderson <s...@spacehopper.org> wrote: > On 2011-01-14, Josh Smith <juice...@gmail.com> wrote: >> Has anyone had any luck configuring the bind included with 4.7 (named >> -v indicates it is 9.4.2-p2) as a DNSSEC validating resolver? B Some >> digging around the web indicates it might be to old to handle this >> properly. B If so is the version included with 4.8 any newer? > > Are you talking about a recursive resolver ("caching dns server") > or the resolver used internally (i.e. the thing which reads resolv.conf > and resolves names for most parts of the OS)?
Stuart, I am talking about a "caching dns server". I apologize for not being clear earlier. I guess I'll take a look at unbound from ports since that seems to be what everyone is suggesting. <tounge in cheek flame> I've got to say I'm suprised the dns server in the base system of the worlds most secure OS is not able to validate dnssec responses </tounge in cheek flame> After reading the issues regarding the inclusion of bind 10 in base. I completely understand the devs decision to move to another dns server. Thanks, Josh <snip> -- Josh Smith KD8HRX email/jabber: juice...@gmail.com phone: 304.237.9369(c)