Google's Public DNS does DNSSEC validation

Marco Davids mdavids at forfun.net
Tue Jan 29 07:04:06 UTC 2013


This is interesting news; it seems that Google's Public DNS is
performing DNSSEC validation (when the DO-bit is set):

dig +dnssec +multi www.dnssec.nl @8.8.8.8

; <<>> DiG 9.9.1-vjs163.18-P1 <<>> +dnssec +multi www.dnssec.nl @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51937
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;www.dnssec.nl.        IN A

;; ANSWER SECTION:
www.dnssec.nl.        21580 IN A 213.154.228.160
www.dnssec.nl.        21580 IN RRSIG A 8 3 86400 (
                20130227071505 20130128071505 33084 dnssec.nl.
                J9MzudQJHT7UEFZDxioAeOSARqvN87stHIiXLdl1f6ZB
                I3UGSqKIOlYpuaM7a6jk8k8oajUkGEHGOxa9ypJQHvlv
                mAE6noaI5sZh6R6lnkd48zGs/xPg4BNODG2zNb3I/lQ3
                2ojQtcs9AIMDEtH5+XISuwvPre5hhYkneM6mtUc= )

;; Query time: 28 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Jan 29 08:03:53 2013
;; MSG SIZE  rcvd: 227

-- 
Marco Davids
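
The two bits this dig output turns on, shown at wire level as an added example (not part of the original post): the DO bit the client sets in the EDNS0 OPT record of the query, and the AD bit the validating resolver sets in the response header. The function names and the 4096-byte UDP size are assumptions made for the illustration, and the response header is constructed from the values dig printed above.

```python
import struct

# Header flag bits (RFC 1035, RFC 4035); helper names below are illustrative.
QR, RD, RA, AD = 0x8000, 0x0100, 0x0080, 0x0020
DO = 0x8000  # top bit of the 16-bit EDNS0 flags field (RFC 3225)
TYPE_A, TYPE_OPT, CLASS_IN = 1, 41, 1

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(name, qid, do=True, udp_size=4096):
    """Build an A query carrying one OPT record; DO asks for RRSIGs in the answer."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 1)  # 1 question, 1 additional
    question = encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)
    # OPT RR: root name, TYPE 41, CLASS = UDP size,
    # TTL = extended RCODE (8) | version (8) | flags (16), RDLEN = 0
    opt = b"\x00" + struct.pack("!HHBBHH", TYPE_OPT, udp_size, 0, 0,
                                DO if do else 0, 0)
    return header + question + opt

def header_flags(msg):
    """Return the flag names dig would print for this message header."""
    _, flags = struct.unpack("!HH", msg[:4])
    names = (("qr", QR), ("rd", RD), ("ra", RA), ("ad", AD))
    return {n for n, bit in names if flags & bit}

def validated(msg):
    """True for a response with RCODE 0 (NOERROR) and the AD bit set."""
    _, flags = struct.unpack("!HH", msg[:4])
    return bool(flags & QR) and bool(flags & AD) and (flags & 0x000F) == 0

# Constructed header matching the dig output above: id 51937,
# flags qr rd ra ad, QUERY 1, ANSWER 2, AUTHORITY 0, ADDITIONAL 1.
SAMPLE_RESPONSE_HEADER = struct.pack("!HHHHHH", 51937, QR | RD | RA | AD, 1, 2, 0, 1)

if __name__ == "__main__":
    print(build_query("www.dnssec.nl", 51937).hex())
    print(sorted(header_flags(SAMPLE_RESPONSE_HEADER)),
          validated(SAMPLE_RESPONSE_HEADER))
```

The AD bit is the resolver's own statement that it validated the answer; a stub that does not validate the RRSIG itself can rely on it only as far as it trusts the resolver and the path to it.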

