dnssec-trigger + GNOME + NetworkManager integration
Stef Walter
stefw at redhat.com
Tue Jun 30 11:58:18 UTC 2015
On 30.06.2015 13:53, Bastien Nocera wrote:
>
>
> ----- Original Message -----
>> On 30.06.2015 11:24, Tomas Hozza wrote:
> <snip>
>>> It means that the site of your bank you are on may not be provided the
>>> actual host you should be connected to, but instead by some attacker's.
>>> The insecure mode means that you are vulnerable in the same way as the
>>> plain DNS is. So you are insecure even now if you don't use DNSSEC
>>> without realizing it.
>>
>> Except if your bank is using https and you connected to it that way, and
>> you have unbroken CA roots. and so on ...
>>
>> The combinatorial explosion of states between "insecure" (someone just
>> stole my money) and "secure" (the NSA be crying because they can't touch
>> this) ... means you end up with about NNNN posibilities to explain to
>> the user.
>>
>> It's not possible to represent all of this in a dialog. We'd have to
>> print a book and mail to to the user.
>
> Which means that it needs to be opt-in for us not to have "unbreak my Internet"
> buttons in the UI. Once DNSSEC is more widely deployed and we can safely
> assume that the majority of the Internet is used it, we can toggle it on.
Yeah, that's one option.
Another is if dnssec-trigger can reliably detect the presence of DNSSEC
on a given network, then it could enforce its use from then on.
But making the user decide (or showing them a message) every time they
connect to such networks is not the way to go.
Stef
More information about the devel
mailing list