On Mon, 07.12.15 15:31, Björn Persson (Bjorn(a)xn--rombobjrn-67a.se) wrote:
Lennart Poettering <mzerqung(a)0pointer.de> wrote:
> You *have* to use the local DNS servers by default, even if they are
> crap.
I for one want my laptop to be suspicious of random DNS servers it
encounters in public places, and bypass them if they're found to be
lying.
Well, if you are knoweledgeable enough to understand the problem, then
you hould also be able to install/configure dnssec yourself. But I am
pretty sure that the typical user is neither knowledgeable enough
about this to make the decision, nor does he really care...
As I understood the feature was posted to make something the default
in Fedora, and I am just concerned about that new default.
It seems to me that the system needs to ask the user whether they
are
in a public hotspot that they're using only as a way to access the
Internet, or whether they're visiting a friend and want to access
internal servers. I don't see a way to tell the difference reliably
without any user interaction.
I think that would be pretty bad UI. You shouldn't ask users questions
they likely won't grok. In fact, you better shouldn't ask users
technical questions at all...
Lennart
--
Lennart Poettering, Red Hat