dnscrypt-proxy-multi.rb: Validate/Use DNSSEC

konsolebox / scripts

Repository for various scripts I make

8 stars 6 forks source link

dnscrypt-proxy-multi.rb: Validate/Use DNSSEC #1

Open yhaenggi opened 7 years ago

yhaenggi commented 7 years ago

2 Feature Requests:

Validate the DNSSEC entries of the domains specified by --resolver-check. Also an option to only use dnssec aware servers.

konsolebox commented 7 years ago

Maybe we can use dnsruby for this. I'll see what I can do.

konsolebox commented 7 years ago

I added the -z option in https://github.com/konsolebox/scripts/commit/e8faf34069405731ff2116dad1612ae84a67c8da. It allows only using services that are labelled to support DNSSEC.

I think it would take a while before I decide to add the feature that validates DNSSEC since it complicates the code and adds heavy dependencies. I also noticed that there are only very few domains that support DNSSEC.