Am 16.01.2015 um 01:45 schrieb Neal Becker:
I personally know nothing of the subject, but found this article
than you should get some understanding *before* refer to random articles on the web where the only truth fact is the expensive deployment which does not bother you on the enduser machine
frankly there is so much crap in context of encryption and security on the web written by clueless people and way too often blindly followed by also clueless admins breaking there setup without notice and recommending others to do the same
in fact DNSSEC is the prerequisite for http://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities which has the potential to replace the horrible need of CA signed certificates for SSL which are in fact *completly* unrelieable because every random of the thousands entities your browsers trusts can sign any random domain certificate
I wonder if there's any truth here? If so, maybe the push for dnssec on f22 isn't as wonderful as supposed: http://sockpuppet.org/blog/2015/01/15/against-dnssec/
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
