dnsjava has DNSSEC support. I'd like to do a simple Lookup, just like the Lookup examples ( http://www.xbill.org/dnsjava/dnsjava-current/examples.html ), but have dnsjava tell me if it validates DNSSEC. (Or, raise an exception if it doesn't.)
I've done some simple testing and confirmed that, by default, dnsjava will not do any DNSSEC validation.
How can I tell dnsjava to do DNSSEC validation on a Lookup?
I would suggest taking a look at https://github.com/ibauersachs/dnssecjava. I've actually just used this library (which uses the SimpleResolver library from DNSJAVA to implement its ValidatingResolver). The library is relatively straightforward and contains examples showing DNSSEC resolution.
There is no flag to automatically do it, but there is a very good example how to do it, check this out: https://github.com/adamfisk/DNSSEC4J/blob/master/src/main/java/org/littleshoot/dnssec4j/DnsSec.java it's a "work in progress" project, however it does all you need, there are few minor bugs, but it's rather easy to debug and fix them.
