On Dec 4, 2014, at 10:02 PM, George Michaelson <ggm(_at_)algebras(_dot_)org>
wrote:
Hang on.. the deployment of DNSSEC backed applications is a bit iffy if we
depend on deployment of DNS based tricks to cover for V4/V6 interoperation
surely?
DNS64 can be done by the client, in which case DNSSEC validation can be
performed _before_ translating the IPv4 address from the A record into an IPv6
address in the NAT64 prefix.