[dns-operations] DNSSEC disabling on systemd/Ubuntu required?
Florian Weimer
fw at deneb.enyo.de
Sat Apr 22 10:52:11 UTC 2017
* Robert Edmonds:
> It looks like the Debian/Ubuntu systemd package maintainers decided not
> to risk enabling DNSSEC by default in the upcoming releases. (Note the
> systemd version in Ubuntu "zesty" is currently 232-21ubuntu2 so this fix
> hasn't propagated yet.)
>
> systemd (232-22) unstable; urgency=medium
>
> [ Martin Pitt ]
> * resolved: Disable DNSSEC by default on stretch and zesty.
> Both Debian stretch and Ubuntu zesty are close to releasing, switch to
> DNSSEC=off by default for those. Users can still turn it back on with
> DNSSEC=allow-downgrade (or even "yes").
Is systemd-resolved used as the default caching resolver?
More information about the dns-operations
mailing list