[Bug 754583] Review Request: dnssec-trigger - Update/reconfigure DNSSEC resolving

bugzilla at redhat.com bugzilla at redhat.com
Wed Nov 16 22:05:59 UTC 2011 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=754583

--- Comment #1 from Paul Wouters <paul at xelerance.com> 2011-11-16 17:05:58 EST ---
$ rpmlint  /home/paul/SRPMS/dnssec-trigger-0.7-1.fc14.src.rpm
/home/paul/RPMS/x86_64/dnssec-trigger-0.7-1.fc14.x86_64.rpm
/home/paul/RPMS/x86_64/dnssec-trigger-debuginfo-0.7-1.fc14.x86_64.rpm
dnssec-trigger.src: W: spelling-error Summary(en_US) plugin -> plug in,
plug-in, plugging
dnssec-trigger.src: W: spelling-error %description -l en_US dnsesc -> menses,
descant, descend
dnssec-trigger.x86_64: W: spelling-error Summary(en_US) plugin -> plug in,
plug-in, plugging
dnssec-trigger.x86_64: W: spelling-error %description -l en_US dnsesc ->
menses, descant, descend
dnssec-trigger.x86_64: W: no-manual-page-for-binary dnssec-trigger-panel
dnssec-trigger.x86_64: W: no-manual-page-for-binary dnssec-triggerd
dnssec-trigger.x86_64: W: no-manual-page-for-binary dnssec-trigger-control
dnssec-trigger.x86_64: W: no-manual-page-for-binary
dnssec-trigger-control-setup
3 packages and 0 specfiles checked; 0 errors, 8 warnings.

Note one concern that needs addressing before adding to fedora is whether or
not to enable the dns-over-port-433 fallback, that uses an open recursor at
NLnetlabs.nl that has a dnssec capable validator listening at that port.

It could in theory be a privacy issue (though I trust NLnetlabs as they write
lots of software that runs as root, like unbound and nsd). Though they might
also not be expecting as many clients as fedora might possible end up giving
them.

We could setup such a DNS resolver within the Fedora Project as well, where we
do control the logging (eg none)

I will talk to NLnetlabs, and with Adam at fedora about this, but other opinions
also appreciated on this issue.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list