On Thu, Mar 12, 2009 at 08:13:02AM -0400, John J. McDonough wrote: > I have opened up a wiki page for the Beta release notes. Right now this > is essentially a copy of the Alpha release notes. If you are the owner > of one of the major features, please review these notes and update them > to reflect progress since Alpha. > > These draft Beta release notes can be found at: > http://fedoraproject.org/wiki/Fedora_11_Beta_release_notes > It would be nice to have a statement about DNSSEC in beta notes because many users might be interested in. ----- DNSSEC - DNS Security Extensions Bind and unbound (recursive DNS servers) now enable DNSSEC validation in their default configuration. DNSSEC Lookaside Verification (DLV) is not enabled. This behaviour can be modified in /etc/sysconfig/dnssec by changing the DNSSEC and DLV settings. With DNSSEC enabled, when a domain supplies DNSSEC data (such as .gov, .se, the ENUM zone and other TLD's) then that data will be cryptographically validated on the recursive DNS server. If validation fails, due to attempts at cache poisoning (eg via a Kaminsky Attack) then the enduser will not be given this forged/spoofed data. DNSSEC deployment is gaining speed rapidly, and is a crucial part and the next logical step to make the internet more secure for end users. For more information and troubleshooting see http://fedoraproject.org/wiki/Features/DNSSEC ----- Could you add statement written above to beta release notes, please? Or should I take an action. Regards, Adam -- Adam Tkac, Red Hat, Inc. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
