[systemd-devel] negative trust anchors not working with non TLD domain names
Sean Dague
sean at dague.net
Thu Apr 20 21:10:32 UTC 2017
On 04/20/2017 07:05 AM, Lennart Poettering wrote:
> On Wed, 19.04.17 07:12, Sean Dague (sean at dague.net) wrote:
>
>> I just upgraded to Ubuntu 17.04 (systemd 232) where systemd-resolved is
>> turned on by default, which means DNSSEC validation on by default.
>
> The DNSSEC code got substantially updated in 233. Any chance you can
> retest with something more current?
>
> Lennart
I rebuilt systemd 233 out of debian experimental on a VM, and after
installing that in a fresh 17.04 environment, the local lookup case
seems to be working fine. I'll go report that to the distro. Are there
specific patches that they should be looking at here to fix this
behavior, or is it extensive enough that the answer is just that it's
going to need a full version bump?
-Sean
--
Sean Dague
http://dague.net
More information about the systemd-devel
mailing list