dnssec-trigger + GNOME + NetworkManager integration

Paul Wouters paul at nohats.ca
Wed Jul 1 22:40:50 UTC 2015


On Tue, 30 Jun 2015, Michael Catanzaro wrote:

> I'm confused on one point: why would the user ever want to turn off
> DNSSEC validation (except to get past a for captive portal)? It sounds
> like you have no shortage of safeguards in place to make sure this
> always works: for it to break the user would have to be on a network
> that doesn't support DNSSEC, that blocks VPN, with the Fedora
> infrastructure down, right? I think it's OK to fail connections in that
> case (provided we have a story for captive portals).

As a frequent traveler, I do have at times needed to go 'insecure'
because VPN was blocked and DNS transparently redirected to a very
broken server. In fact, right now this is happening to me, where all
A records have no RRSIG and the entire root server list is stuffed in
the additional section :P

> What we basically do not want is to give the user an option for turning
> a security feature off.

That's the same as saying remove the "continue anyway" frmo the browser.
Only the human can determine if it is more important to be online
insecurely or offline securely. At least we can hope when they click
insecure that they won't go login to their banking site :P

Paul


More information about the devel mailing list