it says TSIG and DNSSEC provide authentication. Does it mean whole DNS traffic would be encrypted so if I do packet capturing I would not be able to parse anything ?
Or DNS data is still plain text but it has a signature on it so I would be able to verify the data if it is authentic ?
I tried to search TSIG packet data diagram but no luck. Please help.