= Proposal topic =
Look into what dnssec-conf is attempting to do and help maintainer accomplish it.
= Overview =
Recent dnssec-conf updates have broken a number of people's system, and it turns out that there has been breakage going on for quite a while, hurting one of our biggest mirrors (kernel.org). The fact that dnssec-conf is now required by bind makes this much worse.
= Problem space =
Stop making Fedora look bad by breaking dns servers
= Solution Overview =
Review what dnssec-conf is attempting to do, find a way to make it happen without breaking users.
= Active Ingredients =
pwouters - dnssec-conf owner atkac - bind owner warthog9 - kernel.org sysadmin Any bind user
= Owners =
I'm filing it, but I don't really want to own it. I'd like FESCo to take up this task.
Unless there's a reason not to, I would recommend cc'ing pwouters and atkac (at a minimum) on this ticket, to ensure a good line of communication. This may be pointing out the obvious. :-) pwouters was very responsive when we had an initial problem with dnssec-conf, so regardless of whether the fix wasn't complete, he was trying to do the right thing and we should make sure to recognize that. The context I think Jesse is establishing above is one of understanding the problem and then giving him and atkac assistance as needed.
AIUI dnssec-conf itself is going away soon, and dnssec functionality will be part of the bind package itself, but don't take that as gospel.
Adding them to CC.
Yes, I would very much think of this as "How can we assist here or provide resources to assist you" rather than any finger pointing thing. ;)
dgilmore is going to work with bind/dnssec maintainers to get things sorted out.
Login to comment on this ticket.