On 30.06.2015 16:07, Michael Catanzaro wrote: > On Tue, 2015-06-30 at 14:23 +0200, Tomas Hozza wrote: >> Except that this is exactly what we DON'T want to do. DNSSEC is an >> extension of DNS and it can be used even without the need for the >> whole >> Internet to be signed. We want to use it even if the network-provided >> DNS resolvers don't support DNSSEC. > > I'm confused on one point: why would the user ever want to turn off > DNSSEC validation (except to get past a for captive portal)? It sounds > like you have no shortage of safeguards in place to make sure this > always works: for it to break the user would have to be on a network > that doesn't support DNSSEC, that blocks VPN, with the Fedora > infrastructure down, right? I think it's OK to fail connections in that > case (provided we have a story for captive portals). > > What we basically do not want is to give the user an option for turning > a security feature off. Thank you for explanation. In that case we don't need any UI integration for this. Even though we use dnssec-trigger daily on our machines, we wanted to give the user a way to disable the feature if needed without the root access. This is more of a precaution in case something is broken and we didn't know about it. Tomas -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
