Extending DNSSEC trust chains to objects outside the DNS

US10009181B2 · US · B2

Patent metadata

Publication number: US-10009181-B2
Application number: US-201715645445-A
Country: US
Kind code: B2
Filing date: Jul 10, 2017
Priority date: Jul 6, 2015
Publication date: Jun 26, 2018
Grant date: Jun 26, 2018

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present invention generally relates to systems and methods for extending a chain of trust beyond the DNS. Some embodiments provide a verifier with the ability to validate a chain of trust starting with the trust anchor at the DNS root all the way to a service or object of interest outside the DNS.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of providing data, the method comprising: receiving at a first Domain Name System (DNS) server, over an electronic computer network, a first DNS resource record request from a client computer, wherein the first DNS resource record request comprises a first domain name; providing, by the first DNS server to the client computer and in response to the first DNS resource record request, a first DNS resource record comprising information sufficient to derive a target URI; whereby the client computer derives a target URI from the information sufficient to derive a target URI, contacts a non-DNS service at the target URI for requested data, and receives the requested data from the non-DNS service; receiving, at a second DNS server, over the electronic computer network, a second DNS resource record request from the client computer, the second DNS resource record request comprising a second domain name; providing, by the second DNS server to the client computer and in response to the second DNS resource record request, a second DNS resource record comprising cryptographic authentication information corresponding to the second domain name; whereby the client computer cryptographically validates the requested data using the cryptographic authentication information; receiving at a third DNS server, prior to the receiving at the first DNS server, over the electronic computer network, a third DNS resource record request from the client computer, the third DNS resource record request comprising a third domain name; and providing, by the third DNS server to the client computer and in response to the third DNS resource record request, an insufficient response; whereby resolution logic consequently directs the client computer to send the first DNS resource record request, and wherein the requested data is associated with the third domain name.

2. The method of claim 1, wherein the insufficient response corresponds to a non-existent domain.

3. The method of claim 1, wherein the insufficient response corresponds to a non-existence of a record of a particular record type.

4. The method of claim 1, wherein the insufficient response corresponds to a non-existence of a field of a particular field type.

5. The method of claim 1, wherein the insufficient response corresponds to a non-existence of data of a particular type.

6. The method of claim 3, wherein the particular record type is at least one of a Secure/Multipurpose Internet Mail Extensions Association (SMIMEA) record, a Transport Layer Security Association (TLSA) record, or a DNS-based Authentication of Named Entities (DANE) record.

7. The method of claim 1, wherein the third DNS server is one or more of the first DNS server or the second DNS server.

8. The method of claim 1, wherein the first DNS server is the second DNS server.

9. The method of claim 1, wherein the non-DNS service obtains an identifier corresponding to a user of the client computer, whereby the non-DNS service selects the requested data based at least in part on the identifier corresponding to the user of the client computer.

10. The method of claim 1, wherein the second DNS resource record is one of a plurality of DNS resource records provided by the second DNS server to the client computer in response to the second DNS resource record request; whereby the client computer selects the second DNS resource record from the plurality of DNS resource records based on at least one of the requested data or an identifier corresponding to a user of the client computer.

11. The method of claim 1, further comprising: selecting, by the second DNS server, the second DNS resource record from a plurality of DNS resource records based on at least one of the requested data or an identifier corresponding to a user of the client computer.

12. The method of claim 1, wherein the information sufficient to derive the target URI comprises the target URI and the deriving comprises using the information sufficient to derive the target URI as the target URI.

13. The method of claim 1, wherein the information sufficient to derive the target URI comprises a base URI and the deriving comprises parameterizing the base URI to derive the target URI.

14. A method of obtaining data, the method comprising: sending, from a client computer and over an electronic computer network, a first Domain Name System (DNS) resource record request to a first DNS server, wherein the first DNS resource record request comprises a first domain name; receiving, by the client computer, a first DNS resource record sent from the first DNS server in response to the first DNS resource record request, the first DNS resource record comprising information sufficient to derive a target URI; deriving, by the client computer, a target URI from the information sufficient to derive a target URI; contacting, by the client computer and over the electronic computer network, a non-DNS service at the target URI for requested data; receiving, by the client computer and over the electronic computer network, the requested data from the non-DNS service; sending, by the client computer and over the electronic network, a second DNS resource record request to a second DNS server, the second DNS resource record request comprising a second domain name; receiving, by the client computer, a second DNS resource record sent from the second DNS server in response to the second DNS resource record request, the second DNS resource record comprising cryptographic authentication information corresponding to the second domain name; cryptographically validating the requested data using the cryptographic authentication information; sending, prior to the sending the first DNS resource record request, from the client computer and over the electronic computer network, a third DNS resource record request to a third DNS server, the third DNS resource record request comprising a third domain name; and receiving, by the client computer, an insufficient record sent by the third DNS server in response to the third DNS resource record request, wherein resolution logic consequently directs the client computer to perform the sending the first DNS resource record request wherein the requested data is associated with the third domain name; and wherein the sending the first DNS resource record request and the receiving the first DNS resource record occur after the sending the second DNS resource record request and the receiving the second DNS resource record.

15. The method of claim 14, wherein the insufficient response corresponds to a non-existent domain.

16. The method of claim 14, wherein the insufficient response corresponds to a non-existence of a record of a particular record type.

17. The method of claim 14, wherein the insufficient response corresponds to a non-existence of a field of a particular field type.

18. The method of claim 14, wherein the insufficient response corresponds to a non-existence of data of a particular type.

19. The method of claim 16, wherein the particular record type is at least one of a Secure/Multipurpose Internet Mail Extensions Association (SMIMEA) record, a Transport Layer Security Association (TLSA) record, or a DNS-based Authentication of Named Entities (DANE) record.

20. The method of claim 14, wherein the third DNS server is one or more of the first DNS server or the second DNS server.

21. The method of claim 14, wherein the first DNS server is the second DNS server.
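The resolution logic of claims 1 and 14 (a direct lookup that returns an insufficient response, a fallback to a URI record, a fetch from the non-DNS service, and validation of the fetched object against authentication data held in DNS) as an added, simplified simulation; this is not the patent's or Verisign's code. It assumes a toy in-memory zone standing in for a DNSSEC-validating resolver, a made-up `DIGEST` record type carrying a SHA-256 digest as the "cryptographic authentication information", and constructed names and objects throughout.

```python
import hashlib
from urllib.parse import quote

# Constructed toy zone: (owner name, record type) -> list of rdata strings.
# Stands in for answers a DNSSEC-validating resolver would have already verified.
ZONE = {
    ("carol._smimecert.example.test", "SMIMEA"): ["<constructed direct SMIMEA rdata>"],
    ("_smimecert.example.test", "URI"): ["https://certs.example.test/lookup?user={user}"],
    ("_smimecert.example.test", "DIGEST"): [  # hypothetical record type, one entry per user
        "sha256:" + hashlib.sha256(b"-----BEGIN CERT alice-----").hexdigest(),
        "sha256:" + hashlib.sha256(b"-----BEGIN CERT bob-----").hexdigest(),
    ],
}

# Constructed stand-in for the non-DNS service reached at the derived target URI.
OBJECT_STORE = {
    "https://certs.example.test/lookup?user=alice": b"-----BEGIN CERT alice-----",
    "https://certs.example.test/lookup?user=mallory": b"-----BEGIN CERT forged-----",
}

def dns_query(name, rtype):
    """Return the rdata list, or None for an 'insufficient response' (NXDOMAIN/NODATA)."""
    return ZONE.get((name, rtype))

def fetch(uri):
    """Simulated HTTP fetch from the non-DNS service; None if the object does not exist."""
    return OBJECT_STORE.get(uri)

def resolve_and_validate(user, domain="example.test"):
    """Return (object bytes or None, outcome label) following the claimed resolution logic."""
    # Third request: try to get the object itself from DNS first.
    direct = dns_query(f"{user}._smimecert.{domain}", "SMIMEA")
    if direct is not None:
        return direct[0], "from-dns"
    # First request: insufficient response, so fetch the base URI record instead.
    uris = dns_query(f"_smimecert.{domain}", "URI")
    if not uris:
        return None, "no-uri"
    target = uris[0].format(user=quote(user))  # parameterize the base URI (claim 13)
    data = fetch(target)
    if data is None:
        return None, "fetch-failed"
    # Second request: authentication info from DNS; the client picks the matching
    # record out of the set (claim 10) by comparing the object's digest against each.
    digests = dns_query(f"_smimecert.{domain}", "DIGEST")
    have = "sha256:" + hashlib.sha256(data).hexdigest()
    if digests and have in digests:
        return data, "validated"
    return None, "validation-failed"
```

The trust in the fetched object comes only from the digest record, so a non-DNS service that returns a substituted object (the `mallory` entry) is rejected even though the fetch itself succeeded.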

Assignees

Inventors

Classifications

  • H04L9/3247 (primary): involving digital signatures · CPC title

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

  • involving public key infrastructure [PKI] trust models (network architecture or network communication protocol for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10009181B2 cover?
The present invention generally relates to systems and methods for extending a chain of trust beyond the DNS. Some embodiments provide a verifier with the ability to validate a chain of trust starting with the trust anchor at the DNS root all the way to a service or object of interest outside the DNS.
Who is the assignee on this patent?
Verisign Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/3247. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 26, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).