On Fri, Oct 26, 2012 at 02:12:01PM -0400, RJ Atkinson wrote: > Earlier, Andrew Sullivan wrote: > > ...DNSSEC cannot be used for validation with mDNS because > > the actual mDNS name is [some string].local., ... > > mDNS can, and regularly is, also used to transport > DNS information outside the ".local" pseudo-TLD.
Draft-cheshire-dnsext-multicastdns-15 notes that this is a contentious issue. (I also think it's a stupid idea, but I don't run the circus, of course.) But you're right: in that case, you probably can do DNSSEC on it. I'd be delighted to learn that there's a resolver out there that knows how to do this. Do you know of one? Best, A -- Andrew Sullivan [email protected] _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
