FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 02-16-2010, 04:07 PM
Paul Wouters
 
Default background information on the dnssec-conf issue

On Thu, 11 Feb 2010, Paul W. Frields wrote:

> Fedora 11: https://admin.fedoraproject.org/updates/F11/FEDORA-2010-1696
> Fedora 12: https://admin.fedoraproject.org/updates/F12/FEDORA-2010-1748

For those interested in some more background information about the
chain of events on the dnssec-conf stale trust anchor with the bind bug,
please see:

http://www.potaroo.net/ispcol/2010-02/rollover.pdf

My apologies for being responsible for some of the problems with dnssec-conf
and the initial update causing some bind installations to stop working, and
the extra work I caused rel-eng.

On the possitive side, it seems Fedora has been responsible for quite a
large perentage of world wide DNSSEC traffic, and has given valuable experience
to many parties involved, from TLD's to software vendors to the IETF.

Due to the maturity of the ISC DLV Registry, and the imminent signing
of the root in July, the dnssec-conf package (and its included trust
anchors) will be phased out as a dependancy for the bind and unbound
packages. New stock bind and unbound installs will keep DNSSEC processing
enabled and will keep the ISC DLV Registry enabled.

If anyone has any questions, please email me.

Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 

Thread Tools




All times are GMT. The time now is 10:48 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org