Hi Tony / list, > DNSSEC detects and blocks mangling, it does not bypass it.
Thanks, I know. What I am wondering is if the approach of recursive resolution, not explicitly going through the CPE, suffices to avoid mangling. The CPE *could* still force control over DNS traffic on account of target port 53, and I am wondering if this happens. -Rick
