Re: Stable Release Updates types proposal (was Re: Fedora Board Meeting Recap 2010-03-11)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 11 Mar 2010, Seth Vidal wrote:

> And it will be impossible for users running the non-sha256 bind to
> communicate with the sha256 supporting arpa?
>
> I guess I don't understand what do the users of the existing bind LOSE?
>
> Is ARPA expecting everyone to upgrade to a sha256 supporting bind
> immediately? There's no migration window?

If someone has dnssec enabled in bind including DLV, then the key will be
found and its use will be attempted. I am not sure what happens on an older
bind 9.6.1 when that happens. One will hope it will just continue to be
treated as "insecure" and not as "bogus" (aka servfail). I have not tested
this.

But I understand your generic point. It's a feature so put it in rawhide/next
release.

Paul
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux