On Út, 2015-12-01 at 11:15 +0100, Tomas Hozza wrote:
You are not mistaken.
This is the third time, because previously we rather moved the change to the
next Fedora to bring better user experience. Every time there was something
enhanced, since we learned a lot about user use-cases, so this is definitely
not the same change as before, only the root idea is the same. The Change Wiki
is up-to-date and contains the current information.
Also with many projects involved - Gnome Shell, NetworkManager, Unbound,
dnssec-trigger, SELinux (always a pleasure:), Docker... it is not the easiest
thing to agree on changes and coordinate everything on time.
What changed from the top of my head:
- We decided not to install the dnssec-trigger panel by default and rather
better integrate dnssec-trigger with NM and Gnome Shell
- We decided not to query user for security decisions, and for the beginning
if there is no other option just fall back to the current state that that is
in Fedora today
Will there be at least some visual indicator that the network you're
connected to does not provide secure DNS?
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)