Re: [squid-users] Using DNSSEC in Squid

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 24 Apr 2009 18:58:49 +1200

Silamael wrote:
> Hello!
>
> Is there any possibility at moment to use DNSSEC in Squid?
> We want to present a special error page if a DNS answer is received
> which fails the DNSSEC check.
> Are there any built-in features, patches or anything else to realize this?
> Thanks in advance!
>
> Greetings,
> Matthias

Not in the official code. Patches welcome.

The Squid-3 code uses RFC 3597 compliant layers of DNS client in rfc1035
and rfc3596 which can be extended for any other RR lookup implementation
and handlers.

The DNS client these form the core of only provides for one generic DNS
error page at present with the system message presented by the core
lookup code.

If anyone is interested in doing this as a project please contact me for
details on how to do the enhancement. Thanks.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
   Current Beta Squid 3.1.0.7
Received on Fri Apr 24 2009 - 06:58:45 MDT

This archive was generated by hypermail 2.2.0 : Fri Apr 24 2009 - 12:00:03 MDT