On 30.06.2015 13:53, Bastien Nocera wrote:
>
>
> ----- Original Message -----
>> On 30.06.2015 11:24, Tomas Hozza wrote:
> <snip>
>>> It means that the site of your bank you are on may not be provided by the
>>> actual host you should be connected to, but instead by some attacker's.
>>> The insecure mode means that you are vulnerable in the same way as the
>>> plain DNS is. So you are insecure even now if you don't use DNSSEC
>>> without realizing it.
>>
>> Except if your bank is using https and you connected to it that way, and
>> you have unbroken CA roots. and so on ...
>>
>> The combinatorial explosion of states between "insecure" (someone just
>> stole my money) and "secure" (the NSA be crying because they can't touch
>> this) ... means you end up with about NNNN possibilities to explain to
>> the user.
>>
>> It's not possible to represent all of this in a dialog. We'd have to
>> print a book and mail it to the user.
>
> Which means that it needs to be opt-in for us not to have "unbreak my Internet"
> buttons in the UI. Once DNSSEC is more widely deployed and we can safely
> assume that the majority of the Internet is using it, we can toggle it on.

Yeah, that's one option.

Another is if dnssec-trigger can reliably detect the presence of DNSSEC
on a given network, then it could enforce its use from then on.

But making the user decide (or showing them a message) every time they
connect to such networks is not the way to go.

Stef
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct