On 12/09/2015 01:04 PM, Debarshi Ray wrote: > On Mon, Dec 07, 2015 at 10:48:55AM +0100, Tomas Hozza wrote: >> On 04.12.2015 15:57, Lennart Poettering wrote: >>> How do other popular desktop/consumer OSes deal with this? Windows, MacOS, >>> iOS, Android, ChromeOS? Does any of them do client-side DNSSEC validation by >>> default and how are they dealing with this issue? >> >> I'm not able to answer this question. > > That is troubling. :( > > Since this is likely to break networking on a lot of client-side systems, I > would have expected you to do this research before submitting it as a System > Wide Change.
We did. We are the First at undertaking this at an OS level. If the others proceed they will run in the exact same issue. The problem of broken and badly designed DNS setups is, is that they only go away when it finally breaks down. Paul -- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
