On Feb 17, 2013, at 2:32 PM, Paul Hoffman <paul.hoff...@vpnc.org> wrote:
> Please: no. If I have local validation turned on for my own host, and there 
> is a site I need to get to but it has broken signatures, I would like a GUI 
> that says "this zone has broken signatures; ignore validation failures for 60 
> minutes?".

Training users to bypass security. This is extremely bad security UI design.
MUST NOT level bad. How does the user distinguish between "attack" and
"mistake"? I don't even know how I would do it, and I have at least some
vague understanding of the security model of DNSSEC, which is a genuine rarity.
What's the point of having a validating resolver if validation can be skipped
with a click?

Having a configurable negative trust anchor zone isn't as good as having DNSSEC 
that can be counted on to always be configured correctly, but it's a lot better 
than a UI like this.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
