On 04/09/2018 02:07 AM, Chris Murphy wrote:
> On Sun, Apr 8, 2018 at 4:59 PM, Dominik 'Rathann' Mierzejewski
> <domi...@greysector.net> wrote:
>> On Monday, 09 April 2018 at 00:52, Chris Murphy wrote:
>>> [chris@f28h ~]$ dnssec-trigger-control status
>>> at 2018-04-08 16:46:45
>>> cache 18.104.22.168: OK
>>> cache 22.214.171.124: OK
>>> cache 2001:558:feed::1: OK
>>> cache 2001:558:feed::2: OK
>>> state: cache secure
>> This looks good, similar to mine.
>>> But no pages load.
>>> Hmm. We’re having trouble finding that site.
>>> We can’t connect to the server at www.
>> What can I say... this works for me (Fedora 27). Maybe try restarting
> Restarted Firefox and then also the whole laptop. Doesn't work. But
> then I'm in Fedora 28 so it may be a bug. Anyway, getting this to work
> for me isn't really the point of the thread. I'm wondering about
> something that works out of the box for everyone, what that looks
> like, and it seems like dnscrypt-proxy 2 can support either DNSSEC or
I've been playing with dnssec-trigger for a while and I would not enable
it by default. If you have a single connection with ISP provided
resolvers or public DNS, it is fine, but it gets harder to configure
when you have multiple connections like Wi-Fi and corporate or
university VPNs where each provides some forward zones and needs reverse
zones for correct behavior.
Martin Sehnoutka | Associate Software Engineer
RED HAT | TRIED. TESTED. TRUSTED.
devel mailing list -- email@example.com
To unsubscribe send an email to devel-le...@lists.fedoraproject.org