Re: libunbound as name resolver?
Date: Fri, 23 Aug 2019 17:07:00 -0400
Thank you for your response! Answers inline:
> On Aug 23, 2019, at 4:48 PM, Daniel Stenberg <daniel_at_haxx.se> wrote:
>
> On Fri, 23 Aug 2019, Felipe Gasper via curl-library wrote:
>
> Hello!
>
>> I’d like to have libcurl do recursive name resolutions, toward which end it would be great if libunbound were supported as a name resolution backend.
>
> I'm not sure I even I understand what recursive means when done from a client, but let's first focus on why. Please help me understand. What functionality does that offer for transfers that you don't have today?
I mean a full recursive lookup: the client queries the root servers, then queries whatever servers the root servers indicate, etc. until you get your result. You thus avoid TTL caching, which is useful in applications like domain control validation.
It’s the same process that “dig +trace” (or “unbound-host”) uses.
> That patch's purpose was primarily to enable DNSSEC and DANE/TLSA for libcurl, but yes, it didn't get enough interest and energy from the team or the original developer (Björn) so it rotted pretty fast.
>
> DNSSEC and DANE/TLSA are still often mentioned as desired features for libcurl so I think that's still an area we could explore further if someone wants to dig in! I don't know if Björn might even still have some interest (I CC'ed him here).
Is there documentation for the name resolver interface?
libunbound’s interface, at least, is quite simple and allows asynchronous lookups, so in theory it should be able to plug in.
On this same note: is the name resolver configurable only at build time? So a libunbound-enabled libcurl would _only_ be able to use libunbound for name resolutions?
-F
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-08-23