From Fedora Project Wiki

(DNSSEC for Fedora Infrastructure?)
No edit summary
Line 7: Line 7:
: dnsmasq forwards all the dnssec data, but it does not support to verify it. Afaik it is also not possible to enable dnssec for hostnames that are configured in /etc/hosts or in the dnsmasq config file. --[[User:Till|Till]] 10:33, 11 December 2008 (UTC)
: dnsmasq forwards all the dnssec data, but it does not support to verify it. Afaik it is also not possible to enable dnssec for hostnames that are configured in /etc/hosts or in the dnsmasq config file. --[[User:Till|Till]] 10:33, 11 December 2008 (UTC)


I think that "invulnerable" is a little to strong and that it should say something like "greatly hardened"
I think that "invulnerable" is a little too strong and that it should say something like "greatly hardened"


- [[User:Ausil]]
- [[User:Ausil]]


Is it already planned to get (part of) Fedora Infrastructure to use DNSSEC? This would be a nice thing to do. :-) --[[User:Till|Till]] 00:24, 17 December 2008 (UTC)
Is it already planned to get (part of) Fedora Infrastructure to use DNSSEC? This would be a nice thing to do. :-) --[[User:Till|Till]] 00:24, 17 December 2008 (UTC)

Revision as of 13:35, 29 December 2008

Can you coordinate with other dns server packages in fedora to support this if they support dnssec? In particular: pdns and maradns are both packaged.

How does this affect dnsmasq? Does it handle dnssec ok? libvirt makes heavy use of it.

- User:kevin

dnsmasq forwards all the dnssec data, but it does not support to verify it. Afaik it is also not possible to enable dnssec for hostnames that are configured in /etc/hosts or in the dnsmasq config file. --Till 10:33, 11 December 2008 (UTC)

I think that "invulnerable" is a little too strong and that it should say something like "greatly hardened"

- User:Ausil

Is it already planned to get (part of) Fedora Infrastructure to use DNSSEC? This would be a nice thing to do. :-) --Till 00:24, 17 December 2008 (UTC)