DNSSEC support : query and validation

[keltia]

Hello, I don't see any kind of DNSSEC support, either in the query space (no DNSKEY or DS recognized) or in the resolving/validation part (I don't see any check for AD bit and validation) or even in the displayed fields. Thanks.

[ogham]

Yeah, DNSSEC is a big feature. I want to add support for it eventually, but it will take some time. (It took me a lot of time to get acquainted enough with DNS to release a client that people could be relying on — DNSSEC is even more of that, plus it's a security thing.)

[mogul]

I scraped together a DNSSEC test based on dig output by relying on the info from this post. I hope it's useful when you work on this, as JSON output from dog could have been a godsend while I was working on it!