* Marius Schwarz: > Am 04.11.19 um 23:52 schrieb Michael Cronenworth: >> cryptographic library into every process that queries an Internet host >>> name. That also applies to DNSSEC. >> >> The transition to DoT/DoH makes the resolv.conf file obsolete. Any >> discussion on removing it entirely? Default to looking at a local >> resolver. > > ahm.. in which way, does the use of encryption, make a sourcelist for > dns names to ask, obsolete?
Names or servers? > nscd i.e. uses resolv.conf as source for the round robin server list. With encryption, the server address will always be 127.0.0.1 (or potentially in the future, a UNIX domain socket) because pretty much all the current DNS client software does not support encryption. Running a small local cache has other benefits as well, such as caching server reachability information. Thanks, Florian _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
