Deutsch | English

[Ach] opinions on letsencrypt.org?

Jonas Wielicki j.wielicki at sotecware.net
Wed Nov 26 07:30:39 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

On 25.11.2014 19:24, Hanno Böck wrote:
> What's the idea here? Should everyone install a dns resolver 
> locally? (I feel this would open up a whole bunch of potential 
> other issues if it isn't done right - e.g. if the resolver is open
>  to anyone)

This should not be an issue if handled by the Operating System
provider. Fedora started to ship dnssec-trigger[1], which
automatically configures a local unbound to do resolving. There is
quite some magic involved, and it does not work flawlessly in all
cases[2], but I think that following this step, it can certainly be
done right.

regards,
jwi

   [1]: https://fedoraproject.org/wiki/Features/DNSSEC_on_workstations

   [2]: The issues are mostly UX things, like sometimes unbound messes
        up and one has to restart it manually or the GUI which is a bit
        strange and advertises features which are not there (like
        switching off DNSSEC).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUdXOOAAoJEMBiAyWXYliK4ioQAJYQN/Pk5xd14SErofiAN52a
OvTv6pOqzmE58OSRmLGAPqqiKZ6WaMIdUO1ob91Z2OnVoxP7LjMHjX9O16irNW3t
LwTdygkIfKstiz7afCE1Juuo5XM413aAvK4qIrgNmLgCxpCOjwLgrZ8bR6+0KeVm
5oiXQbyfdi4jXekUl1Ib7HfKloQjprbJQnwMNRwcX/HRccA9pxcCFR9SU9HjeyHF
+/2j2HoqJGLgU2st5jGRzIwfJoHVglkgFMiy2hNH8KHai/YZKTCFwYgUSDKAwFrO
on/LSTm1PQGbgYzaJEWfPEZFJM9/bqqCK3qGB8hHftJH3HI7Bo26LckeplzBecx/
RMf7XI0FFNXctDxLrVzKOW5c9DJlnjpa0cdQSLUJnEXiQ1yY+TpoOgAJcurLzMvd
YpBgkuU7ZJZS39AF6oCYyQE2SSToocPMbUeZpTASPLc3oE480A5eGmu1Fc82GkkF
7k8q/qASoXmJnf6s4xwFTZi0V/q2XSYA0bvY0HF8nUf1b2l2mGRJA4ga77u2H8ik
BWLgFkKcU56rypYSZGnVfSoACpCGby5IuOQZ9+vSblHq16JsX62i2lqPo5kUUySS
ExZVq+yNfmkQtEgdecdFu3Vk+1cfaAnshR0bL03jkDoow6cR02LJ3Wyna/AQuWJb
rQjx4KPuocEObsAK1kI3
=83wh
-----END PGP SIGNATURE-----



More information about the Ach mailing list
Kontakt
Email: reports@cert.at
Tel.: +43 1 5056416 78
mehr ...
Warnungen
mehr ...
Blog
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

(HTML, PDF).
Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung