[Dnssec-trigger] dnssec-trigger release 0.6

W.C.A. Wijngaards wouter at NLnetLabs.nl
Fri Oct 21 14:27:54 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Paul,

On 10/21/2011 04:22 PM, Paul Wouters wrote:
> On Fri, 21 Oct 2011, W.C.A. Wijngaards wrote:
> 
>> Dnssec Trigger 0.6 is release, get it at our new webpage:
> 
>> Changelog
>>    * detect transparent proxies and avoid them.
>>    * Fix insecure mode after dnstcp443 has been probed.
>>    * Fix race condition between system and dnssec-trigger where briefly
>> the DHCP insecure response was dominant. On OSX and Windows a system
>> preference (like from the control panel) is created. On Linux chattr
>> immutable, on BSD chflag immutable. On exit, it enters 127.0.0.1 even if
>> in insecure mode, so that a later reboot will be secure. The override is
>> removed on uninstall.
>>    * windows package work, tested Vista.
>>    * the dnssec-trigger-panel (gtk2 without libappindicator) works on
>> the XFCE desktop.
>>    * libappindicator support, for Ubuntu Unity desktop GUI. Just
>> install libappindicator-dev and build and a Unity GUI tray icon is
>> produced.
>>    * can build outside of sourcedir.
>>    * Manpage fixes
>>    * Add @ to echo in Makefile.
>>    * print error on control unknown command, and exit status 1.
> 
> Can we get an option to specify the port 80/443 fallback server? :)

It exists:
tcp80: <IP>
tcp443: <IP>
in dnssec-trigger.conf adds more entries.  Just add more of these lines
to enable more servers.  The nlnetlabs server is there as a start (you
can remove the lines with .42 in them to disable if you do not want to
send queries to nlnetlabs).

> Or perhaps we can start a project where create a web of these things for
> people?
> (with list distribution in DNS just to give us another challange :)

Yes more servers can be useful if the project grows in deployment.
Right now the server has a very low rate - only a few people test.

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOoYFqAAoJEJ9vHC1+BF+NZqMP/1zuORI7UIMHzkxAUAAdUNTS
V8Du26JqLz4IcQQnLiKFTSR9rspF3I0Eg8vHML/V+oB4LRnmK6TxAt1JiVC+T1Tk
Rc3olpts4rEL1yUq0INaRe5Wk8VFQVTh/EyXLVgKOni2xf0mNOw2KF0RKcX6ptb0
V7y3Gz35b+Du35gT8zf91KGCS299LjNF/3G3fsPd7WlmZFVBeBFboSK0DXpbxync
qXBy1dNL33uzc+TczY3S7lRuAlLox7HrSXt2RDJ0+ZTh9meoebneaihPfj/E9Ypn
B854da5pj2iq32+4f5YWeOnKRPBxN0aTSLVwKjWs6CLFNaen6yE5zBEqzC2BEMWh
xXJNqaGJwkMOOyHX5HUalepCIJkthM8+IH5m1tD8as+GOeu/DG83AjPdpMyZzcra
7c/Dsx8uaTVEEtJO3tPBJXW7inCH4a6YQHbBf72FKXJK1xe37oFcIaTDUy5jMPSA
IB2oxR59H8mdC/AJusLTe22gYWXW/KFx3Oz7kNoqW6sdRDb6j30DcPitI4rVqboU
p3VOE177x3zx5mSoArS3mHd/5y3gxwv2KHg9hp38gmV4QJ00If8jKnSKCPem/Wo1
Tx6FaK1XTUFTzJtK8Tu3yhWbuXzdmzxVjgO+uMnO70BPONjPU9KdIFga44eN/Vnf
8U4NHaQBYIWeNUV+DD14
=3MRX
-----END PGP SIGNATURE-----

More information about the dnssec-trigger mailing list