Hi, Well failing silently isn't helpful, but probably better than the alternative here. Let me outline two scenarios (no firewall at all vs firewall feature as I suggested) as I see them. Using your laptop at home (trusted network): More or less identical behavior between the two options. Using laptop at conference/internet cafe: No firewall: All your services and applications will just work Downside: Your private media and files might end up being made available to anyone on the network. Bigger attack surface What we would want applications to do: Have the services listening on the network be stopped. With firewall as described: If you choose the network to be trusted, all your services and applications will just work If you choose the network to be not trusted, your services and applications will silently fail Downside If you choose the network to be trusted, same as the non-firewall scenario If you choose the network to be not trusted, your services and applications will silently fail What we would want applications to do: Check if they can actually function and notify user if not -------------- So to me it seems like we have a trade off between helping protect users privacy and security versus people might having trouble correlating their choice of non-trusted network with DLNA sharing not working on the conference network. (Of course the conference network might also be causing the problem depending on its configuration.) In both cases we would ideally like the application developers to take some action in terms of how they deal with the situation. That said to me the request we would make of them in the firewall scenario seems easier to do generically than the option we would like them to take in the second option, and also less of a risk when some of the app devs will not do what we hope they will. Christian ----- Original Message ----- > From: "Matthew Garrett" <mjg59@xxxxxxxxxxxxx> > To: desktop@xxxxxxxxxxxxxxxxxxxxxxx > Sent: Thursday, February 20, 2014 4:24:29 PM > Subject: Re: technical spec for the workstation up for review > > On Thu, Feb 20, 2014 at 10:21:50AM -0500, Christian Schaller wrote: > > As I pointed out in the email you are responding to, there is no > > application support requirement here. > > Yes, there is. Applications need to be able to inform the user as to > whether or not they're going to work in the current network environment, > and they need to be able to tell the user what to do about that. Failing > silently is unhelpful. > > -- > Matthew Garrett | mjg59@xxxxxxxxxxxxx > -- > desktop mailing list > desktop@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/desktop -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop