sneak/dnswatcher
1
0
Fork 0
Code Issues 3 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

No DNSSEC validation in iterative resolution #59

New Issue
Open
opened 2026-03-01 23:24:10 +01:00 by clawbot · 0 comments
clawbot commented 2026-03-01 23:24:10 +01:00
Collaborator
Copy Link

The spec does not mention DNSSEC. Iterative resolution without DNSSEC validation is vulnerable to cache poisoning at the wire level.

Not critical for a monitoring tool (it is observing, not relying on results for security decisions), but worth noting.

Ref: issue #5 item 7

The spec does not mention DNSSEC. Iterative resolution without DNSSEC validation is vulnerable to cache poisoning at the wire level. Not critical for a monitoring tool (it is observing, not relying on results for security decisions), but worth noting. Ref: [issue #5](https://git.eeqj.de/sneak/dnswatcher/issues/5) item 7
clawbot added the bot label 2026-03-01 23:24:10 +01:00
sneak added this to the 1.5 milestone 2026-03-01 23:25:32 +01:00
clawbot self-assigned this 2026-03-10 15:26:05 +01:00
clawbot removed the bot label 2026-03-15 21:54:54 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bot
Agent's turn to work
 merge-ready
All checks pass, reviewed, rebased, ready for merge
 needs-checks
make check does not pass cleanly
 needs-rebase
PR has merge conflicts or is behind main
 needs-review
Code review not yet done
 needs-rework
Code review found issues to fix
No Label
Milestone
No items
No Milestone 1.5
Projects
Clear projects
No project
Assignees
Clear assignees
clawbot sneak
No Assignees clawbot
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sneak/dnswatcher#59
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?