-101
Resolving
in a secured DNS environment
nA few remarks
nDNSSEC is not in POSIX yet ( e.g. gethostbyname()or getnameinfo()
)
nSIG verification is (only) done by caching forwarders
nTo test DNSSEC setups, you have to work with dig, or use the BIND lwresolver library
nAlternatively: write some tools in PERL
(Net::DNS and Net::DNS::SEC)