On Tue, 23 Dec 2014, Olafur Gudmundsson wrote:
on the second question almost every current release of all resolvers supports ECDSA verification the exceptions are that some OS distributions strip ECC from openssl and other crypto libraries as a precaution against patient lawsuits. Google Public DNS added support little bit over a week ago.
AFAIK, only RHEL/fedora based distributions do that, and those have been updated to allow NIST based ECC crypto (so no GOST, djb or brainpool curves, etc) Paul
