[Dnssec-trigger] dnssec-triggerd behaviour when hotspot_signon called
Tomas Hozza
thozza at redhat.com
Wed Dec 4 15:59:22 UTC 2013
Hi.
I would like to discuss if the dnssec-triggerd behaviour
when doing hot spot sign-on is really correct. At the moment
dnssec-trigger writes nameservers obtained from DHCP into
the /etc/resolv.conf on Linux.
Wouldn't be better if it would set DNS servers obtained
from DHCP (regardless if they support DNSSEC) as forwarders
in unbound and also disable the validator module?
When going back to the "secure" mode it could just enable
the validator module and do the reprobing and set forwarders
based on the probing results.
Thank you.
Regards,
Tomas Hozza
More information about the dnssec-trigger
mailing list