US9705851B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9705851-B2 |
| Application number | US-201514814792-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 31, 2015 |
| Priority date | Jul 6, 2015 |
| Publication date | Jul 11, 2017 |
| Grant date | Jul 11, 2017 |
Official abstract text for this publication.
The present invention generally relates to systems and methods for extending a chain of trust beyond the DNS. Some embodiments provide a verifier with the ability to validate a chain of trust starting with the trust anchor at the DNS root all the way to a service or object of interest outside the DNS.
Opening claim text (preview).
What is claimed is:
1. A method of providing data, the method comprising: receiving at a first Domain Name System (DNS) server, over an electronic computer network, a first DNS resource record request from a client computer, wherein the first DNS resource record request comprises a first domain name; providing, by the first DNS server to the client computer and in response to the first DNS resource record request, a first DNS resource record comprising a URI for a first non-DNS service; whereby the client computer derives a target URI from the URI for the first non-DNS service, contacts a second non-DNS service at the target URI for requested data, and receives the requested data from the second non-DNS service; receiving, at a second DNS server, over the electronic computer network, a second DNS resource record request from the client computer, the second DNS resource record request comprising a second domain name; providing, by the second DNS server to the client computer and in response to the second DNS resource record request, a second DNS resource record comprising cryptographic authentication information corresponding to the second domain name; whereby the client computer cryptographically validates the requested data using the cryptographic authentication information; receiving at a third DNS server, prior to the receiving at the first DNS server, over the electronic computer network, a third DNS resource record request from the client computer, the third DNS resource record request comprising a third domain name; and replying to the client computer that the third DNS resource record request corresponds to a non-existent record, whereby resolution logic consequently directs the client computer to send the first DNS resource record request.
2. The method of claim 1, wherein the third DNS server is the first DNS server.
3. The method of claim 1, wherein the second DNS server is the third DNS server.
4. The method of claim 1, wherein the second DNS server is the first DNS server.
5. The method of claim 1, wherein the cryptographic authentication information comprises a public key of an asymmetric cryptographic key pair, wherein the requested data is signed by a private key of the cryptographic key pair.
6. The method of claim 5, wherein the cryptographic authentication information further comprises a digital certificate comprising the public key.
7. The method of claim 1, wherein the cryptographic authentication information comprises a digital certificate in a trust chain that includes a public key of an asymmetric cryptographic key pair, wherein the requested data is signed by a private key of the cryptographic key pair.
8. The method of claim 1, wherein the requested data is signed by a private key of an asymmetric cryptographic key pair comprising a public key, and wherein the cryptographic authentication information comprises a cryptographic hash of at least one of: the public key, a digital certificate comprising the public key, or a digital certificate in a trust chain that includes the public key.
9. The method of claim 1, wherein the cryptographic authentication information comprises a cryptographic hash of the requested data.
10. The method of claim 1, wherein the second non-DNS service obtains an identifier corresponding to a user of the client computer, whereby the second non-DNS service selects the requested data based at least in part on the identifier corresponding to the user of the client computer.
11. The method of claim 1, wherein the second DNS resource record is one of a plurality of DNS resource records provided by the second DNS server to the client computer in response to the second DNS resource record request; whereby the client computer selects the second DNS resource record from the plurality of DNS resource records based on at least one of the requested data or an identifier corresponding to a user of the client computer.
12. The method of claim 1, further comprising: selecting, by the second DNS server, the second DNS resource record from a plurality of DNS resource records based on at least one of the requested data or an identifier corresponding to a user of the client computer.
13. A system for providing data, the system comprising: a first Domain Name System (DNS) server comprising a network interface and configured to: receive, over an electronic computer network, a first DNS resource record request from the client computer, wherein the first DNS resource record request comprises a first domain name; and provide, to the client computer and in response to the first DNS resource record request, a first DNS resource record comprising a URI for a first non-DNS service; whereby the client computer derives a target URI from the URI for the first non-DNS service, contacts a second non-DNS service at the target URI for requested data, and receives the requested data from the second non-DNS service; a second DNS server comprising a network interface and communicatively coupled to the first DNS server, the second DNS server configured to: receive, over the electronic computer network, a second DNS resource record request from the client computer, the second DNS resource record request comprising a second domain name; and provide, to the client computer and in response to the second DNS resource record request, a second DNS resource record comprising cryptographic authentication information corresponding to the second domain name; whereby the client computer cryptographically validates the requested data using the cryptographic authentication information; and a third DNS server configured to: receive, prior to the first DNS server receiving the first resource record request, over the electronic computer network, a third DNS resource record request from the client computer, the third DNS resource record request comprising a third domain name; determine that the third DNS resource record request corresponds to a non-existent record; and reply to the client computer that the third DNS resource record request corresponds to a non-existent record, whereby resolution logic consequently directs the client computer to send the first DNS resource record request.
14. The system of claim 13, wherein the third DNS server is the first DNS server.
15. The system of claim 13, wherein the second DNS server is the third DNS server.
16. The system of claim 13, wherein the second DNS server is the first DNS server.
17. The system of claim 13, wherein the cryptographic authentication information comprises a public key of an asymmetric cryptographic key pair, wherein the requested data is signed by a private key of the cryptographic key pair.
18. The system of claim 17, wherein the cryptographic authentication information further comprises a digital certificate comprising the public key.
19. The system of claim 13, wherein the cryptographic authentication information comprises a digital certificate in a trust chain that includes a public key of an asymmetric cryptographic key pair, wherein the requested data is signed by a private key of the cryptographic key pair.
20. The system of claim 13, wherein the cryptographic authentication information comprises a cryptographic hash of the requested data.
21. The system of claim 13, wherein the second non-DNS service obtains an identifier corresponding to a user of the client computer, whereby the second non-DNS service selects the requested data based at least in part on the ident
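The client-side flow of claims 1 and 9 (non-existent record, fallback to a URI record, fetch from the non-DNS service, then validation against a hash published in DNS), as an added illustration that is not text or code from the patent. The zone, service, domain names, record layout and function names are hypothetical and constructed in memory, and the DNS answers are assumed to be already authenticated back to the root trust anchor.

```python
import hashlib
import hmac
from urllib.parse import urljoin

# Constructed sample data: an in-memory "zone" and "service" stand in for the
# DNS servers and the non-DNS service. All names and the record layout are
# hypothetical. Assumption: DNS answers are already authenticated back to the
# root trust anchor; that step is not modelled here.
PAYLOAD = b'{"feature": "enabled"}'
ZONE = {
    "object.example.test": {"uri": "https://files.example.test/objects/"},
    "_digest.object.example.test": {"sha256": hashlib.sha256(PAYLOAD).hexdigest()},
}
SERVICE = {"https://files.example.test/objects/settings.json": PAYLOAD}


def dns_query(name, zone):
    """Return the record for name, or None for a non-existent record."""
    return zone.get(name)


def fetch_validated(names, object_path, auth_name, zone=ZONE, service=SERVICE):
    """Walk candidate names, follow the URI record, then check the digest."""
    record = None
    for name in names:  # a non-existent answer moves resolution to the next name
        record = dns_query(name, zone)
        if record is not None:
            break
    if record is None or "uri" not in record:
        raise LookupError("no URI record found for any candidate name")
    target = urljoin(record["uri"], object_path)  # derive the target URI
    data = service.get(target)
    if data is None:
        raise LookupError(f"no data at {target}")
    auth = dns_query(auth_name, zone)
    if auth is None or "sha256" not in auth:
        # Fail closed: data without authentication information is not returned.
        raise ValueError("no authentication record; refusing unvalidated data")
    digest = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(digest, auth["sha256"]):
        raise ValueError("digest mismatch: data does not match the DNS record")
    return target, data


if __name__ == "__main__":
    candidates = ["missing.example.test", "object.example.test"]
    print(fetch_validated(candidates, "settings.json", "_digest.object.example.test"))
```

The verifier fails closed in two cases: when the authentication record is absent and when the fetched data does not hash to the published value.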
Electricity · mapped topic
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title