Lennart Poettering <mzerq...@0pointer.de> wrote:
> On Mon, 07.12.15 15:31, Björn Persson (Bjorn@rombobjörn.se) wrote:
> > Lennart Poettering <mzerq...@0pointer.de> wrote:
> > > You *have* to use the local DNS servers by default, even if they are
> > > crap.
> > 
> > I for one want my laptop to be suspicious of random DNS servers it
> > encounters in public places, and bypass them if they're found to be
> > lying.
> Well, if you are knoweledgeable enough to understand the problem, then
> you hould also be able to install/configure dnssec yourself. But I am
> pretty sure that the typical user is neither knowledgeable enough
> about this to make the decision, nor does he really care...

You are right about the typical user. This is what happens to the
typical user as a result:


Is it Jessica's fault that she doesn't know what a DNS server is, or
that it can lie to her? Is it her fault that she has never heard about
DNSsec, or PGP, or OPENPGPKEY records? Is it her fault that her email
program doesn't bring those pieces together to authenticate incoming

Or do we programmers have some responsibility to provide Jessica with
software that at least tries to keep her secure?

Björn Persson
devel mailing list

Reply via email to