/?packages=libreswan
Could we have a mod_rewrite rule for
bodhi.fedoraproject.org/updates/packagename ?
Paul
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
usted networks".
>
> Hmmm... "easily solved" is not "solved":
> * Has this "biggest issue" really been solved? Do we have this NM
> integration?
I don't know. I don't think the integration with firewalld/NM uses the same
concept of "zones&
On 12/12/2015 09:11 PM, Oron Peled wrote:
> On Friday 11 December 2015 09:09:28 Paul Wouters wrote:
>> On 12/09/2015 06:02 PM, Oron Peled wrote:
>>> Why don't we plan this feature in two stages:
>>> * Fedora 24: turn it on by default, but *keep using re
>explanation and suggestions for further action.
DNS lookups don't have users like web browsers.
I have been running this setup since Fedora 17. Breakage is not that bad.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
ould have expected you to do this research before submitting it as a System
> Wide Change.
We did. We are the First at undertaking this at an OS level. If the others
proceed they will run in the exact same issue. The problem of broken and
badly designed DNS setups is, is that they only
On 07/12/15 17:40, Kevin Fenzi wrote:
FYI, this discussion might be better on the actual epel-devel list...
On Mon, 7 Dec 2015 15:17:54 +
Paul Howarth wrote:
On 07/12/15 14:59, Pierre-Yves Chibon wrote:
...snip...
Could make a compat package in EPEL7 be an option?
This way you
problem for us.
If my fritz.box is 192.168.1.254 and yours is 192.168.1.1, what would
you want the AVM registered domain fritz.box to return as A record?
One of us will break regardless, unless the fritz box hijacks all port
53 to push it through its preprocessor its fake .box domain.
Paul
--
devel
rity gained by using DNSSEC.
Worse, we open up ourselves for legal issues if the domain is delegated.
How do other popular desktop/consumer OSes deal with this? Windows,
MacOS, iOS, Android, ChromeOS? Does any of them do client-side DNSSEC
validation by default and how are they dealing with this is
validation. It's just to get through stupid
networks blocking legitimate traffic AND having a DNSSEC-broken
(years old!) DNS server running.
DNS and DNSSEC are designed to scale, with all its caching,
forwarding, offline signing and so on. By then pushing the whole
traffic through HTTPS you c
We delayed this feature a few times to ensure
we would get better integration with gnome and VPNs so that we could
address the _real_ problems.
People using stolen or made up domain names is not a use case that can
be supported anymore with Secure DNS.
Paul
--
devel mailing list
devel@lists.f
b, it will just fail.
Move your own domains within one of your real legitimate domains, and
you have the freedom to do whatever you want. Start moving away from
split DNS because that's going to be very hard to support.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fed
ution to this. Once you
> start doing such hacks, there is a very thin line when you are starting to
> degrade
> the security gained by using DNSSEC.
Worse, we open up ourselves for legal issues if the domain is delegated.
>> How do other popular desktop/consumer OSes deal with this?
th issue but should fix the dependencies.
Paul.
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
ived during the VPN negotiation. It
will remove the forward when the VPN connection goes down. And for those
domains, the cache is flushed on each event too, to prevent using stale
data that is only used when the VPN is up (or down)
Paul
--
devel mailing list
devel@lists.fedorap
to a portal if they want to?
If you can do so now, then you will in the future as well? The idea here
is that dnssec-trigger will no longer fire up its own portal login page,
but leave it to the OS/Desktop.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org
C they shouldn't automatically be foisted on any
user, just available for download.
--
Paul W. Frieldshttp://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - - http://pfrields.fedorapeo
Hi, I recently did a review swap with someone, and approved their
package. https://bugzilla.redhat.com/show_bug.cgi?id=1257410
(I should note Lyude is the same person as me, that's just my non
-redhat bugzilla account)
The guide here https://fedoraproject.org/wiki/Package_Review_Process sa
ys that
On Mon, 5 Oct 2015, Kevin Fenzi wrote:
On Mon, 5 Oct 2015 11:04:40 -0400
Paul Wouters wrote:
And openpgpkey-milter :)
And put in a TLSA record for their MX :)
I don't think it makes much sense for Fedora Infrastructure to get into
the business of being a SMTP server provider. Is
And openpgpkey-milter :)
And put in a TLSA record for their MX :)
Paul
Sent from my iPhone
> On Oct 5, 2015, at 10:58, Michel Alexandre Salim
> wrote:
>
> On a related note to that, it would be great if active Fedora contributors do
> get to use an SMTP server with SPF
.py files
in a subpackage.
It's nice to be able to edit the .py for testing without going through
hoops or building/installing rpms.
It's also nice to be able to read the .py code. That is one reason
people use script languages :P
Paul
--
devel mailing list
devel@list
stem is clearly not working for me.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
x27;s place to make exceptions when they serve
> greater Fedora goals, maybe that could work?
While that doesn't seem hostile, it seems just as unsustainable.
Setting a better baseline expectation for bundling makes more sense.
--
Paul W. Frieldshttp://paul.f
gt; doled out by the FPC, I think package review should be able to handle
> it.
>
> This risks making somewhat harder to police egregious mis-behavior, but
> I am sure there are other ways to deal with offenders that willfully
> break reasonable rules.
Agreed.
--
Paul W. Frields
or
Fedora.
> >"Enforcement" implies adding more heavy process, which is part of the
> >problem this is trying to avoid.
> You don't seem to be aware about the fact FPC already tries to enforce
> unbundling. Yes, this is a heavy and time-consuming proces
built it in rawhide, and it seems fine. I suspect it has just
been an "no time" issue. I'll ping Tomas and ask him.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
keep monitoring for 3) but close onesting bugs that are too old
and were clearly forgotten. I prefer to be informed by the monitor
script, even if I am a version behind :)
I've also just now added comments for all my entries on why these are
still not in CLOSED state.
Paul
Vít
[1]
d to the system, such as laptop touchpads. I've
heard that a good way to get reviews is to offer to do a review swap,
so I figured I might as well. If anyone would like their package
reviewed in exchange for mine, please let me know.
Cheers,
Stephen Chandler Paul
--
deve
ojects. And there, requiring Fedora infrastructure to be used
> > is very reasonable.
>
> Well, I guess we will agree to disagree then.
Agreed with kfenzi.
--
Paul W. Frieldshttp://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C
lly, pagure has some
functionality to allow bidirectional code movement with Github, which
gets the best of both worlds.
If someone doesn't like making a Github account, in the interim
they're still free to fork as would be usual for any repo (including
hundreds of projects we carry in Fedo
ting in the package
NVR into the "Candidate Builds" field, which was not at all obvious to me.
Paul.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
E.
Is that not the artistic license?
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
On Wed, 5 Aug 2015, Neal Gompa wrote:
I disagree that including the keys for EOL'd releases counts as
"encouraging" people to use old stuff. If someone has a reason to be
building RPMs for something way-old, I think it'd be nice for us to keep
those GPG keys available for t
rdware these days to run a Workstation
experience, after all.
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1247382
> [2] https://lists.fedoraproject.org/pipermail/devel/2015-February/208368.html
> [3] https://fedorahosted.org/cloud/ticket/106
--
Paul W. Frields
trying to
launch the captive portal login browser, or timing issues between
Gnome/NM and dnssec-triggerd.
Yeah, I am not entirely sure what's causing it either.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of C
ong reason *not* to include those
keys?
I see no reason not to do that. We were also going to put those keys
into DNS, pendig some changes of the OPENPGPKEY ietf draft document.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora
and polkit-libs should be updated to
polkit-0.112-7, whilst on x86_64, polkit-libs-0.112-7.i386 will obsolete
polkit-0.112-1.i386 and the x86_64 versions will upgrade to 0.112-7 as
expected.
Nothing arch-specific is necessary for the Obsoletes.
Paul.
--
devel mailing list
de
And dnssec-validator.cx for a Firefox/chrome plugin that you can see in action
against fedoraproject.org that already deploys this
Sent from my iPhone
> On Jul 3, 2015, at 10:43, Petr Spacek wrote:
>
>> On 2.7.2015 17:56, Michael Catanzaro wrote:
>>> On Thu, 2015-07-02 at 16:38 +0200, Reindl
On Wed, 1 Jul 2015, Michael Catanzaro wrote:
Date: Wed, 1 Jul 2015 19:26:55
From: Michael Catanzaro
To: devel@lists.fedoraproject.org
Subject: Re: dnssec-trigger + GNOME + NetworkManager integration
On Wed, 2015-07-01 at 18:40 -0400, Paul Wouters wrote:
That's the same as saying remov
ted.
http://stats.labs.apnic.net/dnssec
In North America and Europe, validation is about 20%. Overal in the
world it is 12%
It's really long overdue for us to make this the default and secure our
users.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/m
on for turning
a security feature off.
That's the same as saying remove the "continue anyway" frmo the browser.
Only the human can determine if it is more important to be online
insecurely or offline securely. At least we can hope when they click
insecure that they won't go
c-trigger. It will be better for
>> getting additional information. Also please see the reply by Paul
>> Wouters to your previous email.
>
> Oh hey. I forgot that I posted this already, and didn't see the reply.
> Ugh, time for a vacation!
>
> --
> Matthew Mi
Try using unbound-host which uses the same configuration file?
Otherwise grep the logs for unbound or possibly increase verbosity to 2 or 3 in
the conf file.
If it happens again and you are comfortable with it, you can run
unbound-control dump to get the full DNS cache which could tell what's g
ec-trigger, but it
seems like something more integral to the resolver than outside of it?
No that is the core functionality of dnssec-trigger, not unbound. We
might be able to turn that into libdnssectrigger or something for
re-use. I don't think upstream wants to converge these two things into
certificates.
Recenyly unbound was patched to allow a local socket so we don't have to
go through HTTPS. This was merged upstream. A similar patch could be adopted
for dnssec-triggerd and I see now reason why (the same) upstream would
refuse it.
Paul
--
devel mailing list
nd will let the systemd people explain
their design.
If this is indeed what you're proposing, then lets have a discussion
about dnssec-trigger+unbound in that context, I do have some thoughts to
contribute here.
Good, we are open to thoughts and ideas ;)
Indeed, I'm curious to
ich runs as the logged in user.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
use:
"http://hotspot-nocache.fedoraproject.org/";
xdg-open could be changed to a user's firefox, or a private window
firefox, or chrome, etc etc.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
l hotspot detection would be broken. It
seems they have switched to captive.apple.com with returns "Success". It
has a TTL of 10 (after a CNAME redirect into Akamai) but it is missing
a record. Guess there aren't many ipv6 captive portals yet :P
Paul
--
deve
olations combined with a healthy dose
of packet loss.
Anyway, once I understand this properly, I will file a bug upstream (or
if you have a GNOME Bugzilla account, it would be better if you do so,
to be CCed on responses). Thanks for catching this issue.
I am not sure, but if I do I haven'
only used
for the HTTP interception test. The DNS interception test (at least
with dnssec-trigger) queries the root zone and a handful of TLD queries,
and does not use DNS queries for fedoraproject.org.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/m
d
cause wrong probe results later on.
There is a good reason we started hotspot-nocache.fedoraproject.org.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
little C program, I will test it as replacement for
xdg-open (which attimes does fail to appear for me, but usually I have
firefox open already so I create a new tab and hit 1.2.3.4)
We could ship it as part of dnssec-trigger or another package.
Paul
--
devel mailing list
devel@lists.fed
work blocks port 53 to all but
its own DNS servers, dnssec-trigger tries the other modes of DNS over
TCP/SSL. If any of this works the user isn't even consulted. Only when
all of this fails do we need to contact the user and ask them to go
"insecure" or "cache only"
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
keeps probing while
in hotspot mode to check when the "jailing" has been removed and real
internet access is available.
I hope we can get a design for this which integrates better with GNOME
Shell and the existing network icon there.
That would be nice indeed.
Pa
usefulness.
And last I looked it did not support DNSSEC. I'm also weary about
systemd-resolved basically marshalling DNS via DBUS.
> If this is indeed what you're proposing, then lets have a discussion
> about dnssec-trigger+unbound in that context, I do have some thought
gt; container and we trust the host and so on.
>
> In this case we trust to the result of validation indicated by AD bit.
> Application will receive the answer marked as trusted if the resolver tells us
> to do so by AD bit in the DNS reply.
Additionally, these applications cou
supported currently, but support for that is
very trivial. If unbound is found running, issue:
unbound-control forward_add . 1.2.3.4 5.6.7.8
I'm not sure whose job that would be.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/
n I have
proper network connectivity and sometimes shows the wifi waves when
I do not have network connectivity. I did not realise this might have
been due to dnssec-triggerd/unbound.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora
127.0.0.1. (currently, it needs to put in the hotspot
DNS servers for the hotspot logon, exposing other applications to
fake DNS)
3) dnssec-trigger updates the unbound DNS configurtion and tells NM to
proceed. NM tells the applications there is new network connectivity.
Paul
I wrote:
On 06/10/2015 09:04 AM, Paul Wouters wrote:
Am I the only one who is constantly locked out of their X session on
fedora 22? Once the screen locks, it refuses my actual password to
unlock. Even killing X with ctrl-alt-backspace doesn't help because
it will
my f19 settings were
interfering.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
n a while but overal it works
pretty reliably.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
t without
whitelists and blacklists, which are in itself not a very good solution.
This problem is similar to the network join problem itself. Is this wifi
network trusted? Since coffeeshops use WPA with passwords scribbled on
the whiteboard, we have no other way than asking the user
ssumption has always
been broken for browsers already, who keep their own cache.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
al IP or internal IP without you needing to do a
thing.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
go back to rely on the system one, perhaps.
I don't think so. Firefox does that to avoid DNS rebinding attacks.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
well? The problem is dnsmasq is not as feature complete as unbound
(and its dnssec implementation is very new).
I think most people end up running dnsmasq because of KVM/libvirtd ? I
think those dnsmasq's should be run in "dhcp only" mode and point to
the hosts's unbound.
Paul
-
not duct taped this way.
I look forward to your proposal to POSIX and its acceptance :)
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
un an unbound daemon, but rely
on something like getdns or edns-query-chain and just the DNSSEC
root key to do their validation.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
gpkey-milter to the bug item.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
I had gdm issues on my f19 to f22beta upgrade too. Startx worked. Worse, the
lock screen cannot unlock. Claims wrong passwd. Killing Xorg just led to
restarted locked screen. Only way out was init 1
Sent from my iPhone
> On May 14, 2015, at 16:01, Adam Williamson wrote:
>
> Hi folks!
>
> We
he
files are in the same directory, so this seems a reasonable way to do things.
Seems like a good match to put into libexec to me,
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
The grepmail stack (perl-FileHandle-Unget, perl-Mail-Mbox-MessageParser,
grepmail) has changed from GPL+ to GPLv2 in Rawhide.
Paul.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of
On Mon, 30 Mar 2015, Michael Cronenworth wrote:
On 03/30/2015 08:39 AM, Paul Wouters wrote:
There are currently no flags set at all.
Check the flags on the attachment itself (your second link).
Ohh. there is shows up. How odd. Thanks. Now at least I know how
to get rid of it, although I
lags" set. In the past someone
set the review flag, which i think is why this is showing up for me. But
I cannot get rid of it.
I have a few more of these in the review category. How can I get rid of
these?
Paul
msekleta has asked you, specifically, to review the patch.
Perhaps setting th
few more of these in the review category. How can I get rid of
these?
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
ifi,
so it could also be just crappy wifi.
The dnsec-trigger package which I'm also running also has hotspot
detection, using http://hotspot-nocache.fedoraproject.org/ which
does not seem to cause tehse false positives.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fe
ect.org/pipermail/scm-commits/Week-of-Mon-20150316/1539279.html
Paul.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
The lightweight tag 'perl-Perl-Critic-1.125-1.fc23' was created pointing to:
8e3a900... Update to 1.125
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/perl-dev
t;
> >
> > Something definitely doesn't work right.
> >
> Isn't it Alpha freeze right now?
That shouldn't make any difference. The request for push to stable
isn't honored until the freeze is over. That's what's happened before
anyway.
Paul.
--
devel
I said it when they closed X ctrl-alt-backspace and I'll say it now.
When you are on console with the power plug, preventing these actions
is stupid.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fe
Summary of changes:
c157510... Update to 0.18 (*)
(*) This commit already existed in another branch; no separate mail sent
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mail
o change. When teams see a change coming up
they know will cause them work or breakage, they can proactively reach
out to engage. In fact, anyone can facilitate such a conversation.
Also, a side note: A book I read on communication in relationships
once (I think it was "That's Not What
g content would then appear in build.log
Paul.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
day it would
> mean going back to the state of Fedora Core 6
This isn't correct. The division of Core/Extras was based on who was
allowed to touch packages which isn't part of this proposal. That
wasn't a sustainable way to build community.
--
Paul W. Frields
omponent of OSAS also knows who they are, and
can contribute as needed to the application process.
Regardless of how critical the GSoC projects are, they're a good way
to mentor open source contribution. And as they say, the rising tide
lifts all ships.
If there are questions about the admin
being raised about missing
dependencies when people try to use that optional functionality.
If there was consensus about use of soft dependencies, that would
probably help a lot in the Perl world.
Paul.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/
On Sun, 1 Feb 2015, Björn Persson wrote:
Paul Wouters wrote:
paul@bofh:~$ openpgpkey --fetch pwout...@fedoraproject.org
openpgpkey: /var/lib/unbound/root.anchor is not a file. Unable to use
it as rootanchor
Huh?
turns out a bug in %post of unbound-libs. I pushed a fix into rawhide.
I&#x
On Thu, 29 Jan 2015, Petr Spacek wrote:
Fedora is probably the First to use OPENPGPKEY at a large scale.
https://tools.ietf.org/html/draft-ietf-dane-openpgpkey-01
Paul, thank you for doing this experiment! I definitely support it.
For people who do not watch dane-list closely, please keep
On Thu, 29 Jan 2015, Vít Ondruch wrote:
Dne 28.1.2015 v 21:34 Paul Wouters napsal(a):
openpgpkey --fetch pwout...@fedoraproject.org
$ openpgpkey --fetch pwout...@fedoraproject.org
Error: query data is not secured by DNSSEC - use --insecure to override
It's time for you to start
l addresses for different
release keys. So they would all be under fed...@fedoraproject.org.
I could put them under fedor...@fedoraproject.org ?
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
-slinger package:
paul@bofh:~$ openpgpkey --fetch pwout...@fedoraproject.org
-BEGIN PGP PUBLIC KEY BLOCK-
Comment: pwout...@fedoraproject.org key obtained from DNS
Comment: key transfer was protected by DNSSEC
Version: GnuPG v1
[blob]
Note that during FAS processing I found out that:
1
Hi,
I just orphaned bfgminer.
It's a few years out of date now and it's just too low priority for my
to pick it up.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
to manually configure /etc/unbound/unbound.conf?
You shouldn't need to.
No clue why behavior changed after unplug/replug enet cable.
I did NOT try logout/login or reboot.
Did unbound get started at all then?
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.o
ound it by running some yum install in %post, where it
is available. So it's not urgent. I just wanted to convey my
surprise. I expected a "net install" to have access to everything.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/list
to the gnome
project without this ending up in mud fights flamewars or threats?
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
give me a few engineers for
a few months :P
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
data. It can at
most withold it and even that will be detected by the stub using it as
a forwarded (and it will stop using the DNS server and try to work
around it - we would do that via dnssec-trigger for now)
This is exactly why DNSSEC will have to go onto the stub resolvers.
Paul
--
deve
king a few trustworthy parties is hard.
In the last round of "we cannot trust governments for DNS, let's use
the peer to peer dns and use the blockchain", I wrote up:
https://nohats.ca/wordpress/blog/2012/04/09/you-cant-p2p-the-dns-and-have-it-too/
Paul
--
devel mailing list
deve
rvers) was an excellent choice. Yes, an attacker
with enough resources can find out "secret" hostnames, but so can
pervasive monitors like the NSA by just vaccuming plaintext data. These
"secrets" should never be relied upon.
Paul
--
devel mailing list
devel@lists.fedoraproject.o
301 - 400 of 2194 matches
Mail list logo
