Julien Lepiller <jul...@lepiller.eu> skriver: > Le 16 avril 2021 12:15:25 GMT-04:00, Leo Famulari <l...@famulari.name> a > écrit : >>On Fri, Apr 16, 2021 at 11:00:05AM +0000, bo0od wrote: >>> Scanning Guix website gave many missing security features which >>modern >>> security needs them to be available: >>> >>> * TLS and DNS: >>> >>> looking at: >>> >>> https://www.hardenize.com/report/guix.gnu.org/1618568751 >>> >>> https://www.ssllabs.com/ssltest/analyze.html?d=guix.gnu.org >> >>Thanks! >> >>> - DNS: DNSSEC support missing (important) >> >>Hm, is it important? My impression is that it's an idea whose time has >>passed without significant adoption. >> >>But maybe we could enable it if the costs are not too great. > > gnu.org does not have dnssec, so we'd need them to work on that first.
gnu.org used to have DNSSEC, but disabled it because it gave NXDOMAIN on machines with systemd-resolved: https://github.com/systemd/systemd/issues/9867
signature.asc
Description: PGP signature
