It was defined by the IETF and taken up by POSIX. It’s designed to be extensible.
There is absolutely nothing preventing extensions which pass in trust anchors or requiring that answers validate as secure. Just use your imagination. e.g. add trust anchors to hints. Mark > On 21 Aug 2019, at 12:34 pm, Rob Sayre <[email protected]> wrote: > > > Would the following be a fair summary of the discussion? > > 1) There is some support for the idea it would be useful for APIs to allow > > an application to at least know, and perhaps influence, what DNS security > > features will be used if it makes a DNS request via the operating system. > > 2) The getaddrinfo() API in RFC3493 doesn't provide this capability. > > Isn't the getaddrinfo() API defined by POSIX? > > <https://pubs.opengroup.org/onlinepubs/9699919799/functions/getaddrinfo.html> > > "The Open Group Base Specifications Issue 7, 2018 edition > IEEE Std 1003.1-2017 (Revision of IEEE Std 1003.1-2008) > Copyright © 2001-2018 IEEE and The Open Group" > > thanks, > Rob > _______________________________________________ > dns-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dns-privacy -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
