On 9/28/20 11:03 AM, Lennart Poettering wrote:
> So far we side-step the DO issue by returning a clean error when clients set DO: "not implemented", plus a log message in syslog with more info. I'd argue that for the vast majority of users this is perfectly enough. Because IRL client-side DNSSEC doesn't really exist outside of some very specific circles of DNS nerds, I guess.
Do you mean, "professionals for whom security is a primary job function?"
As other list members have already been asked to avoid making this conversation personal, can we *all* not make it about the people, please?