[Dnssec-trigger] Captive portal detection for DNSSEC-Trigger?

Phil Regnauld regnauld at nsrc.org
Tue Apr 3 12:31:57 UTC 2012


Jan-Piet Mens (jpmens.dns) writes:
> 
> DNSSEC-Trigger could probably easily do similarly, deactivating DNSSEC
> during "captivity" and attempting a few minutes later to enable DNSSEC.
> 
> Is this realistic?

	That's a policy decision, being made on behalf of the user, that
	their resolution will be insecure for a certain amount of time - they
	should be told.

	I like the idea of the detection, but there may be a smarter way than
	waiting a predefined amount of minutes.

	Cheers,
	Phil



More information about the dnssec-trigger mailing list