Required for improved security and usability

Jun 2, 2015 04:05 GMT

After having proposed the Cinnamon and Netizen Spins for the upcoming Fedora 23 Linux operating system, Jan Kurik comes with yet another interesting proposition: the addition of a default local DNS resolver.

The "Default Local DNS Resolver" proposal will be a system-wide change for Fedora Linux, as the need for a trusted Domain Name System Security Extensions (DNSSEC) validating local resolver running on 127.0.0.1:53 is currently much higher than expected.

Under the proposal, Fedora 23 will run a local DNS resolver on localhost, port 53, that must be trusted for DNSSEC validation, and it will be listed in the /etc/resolv.conf file as the only name server entry. The system will then use the trusted local resolver for transitory name servers, as DNSSEC validation will be performed locally.

Any other automatic name server entries that are received via DHCP, VPN, or wireless configurations should be stored separately in NetworkManager's configuration files.
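The layout described above can be checked mechanically. The following is an added example, not code from the Fedora proposal: the function names are hypothetical, the sample files are constructed, and it assumes that only 127.0.0.1 counts as the trusted resolver address.

```python
import ipaddress

# Assumption: only the address named in the proposal counts as trusted.
TRUSTED = frozenset({ipaddress.ip_address("127.0.0.1")})

# Constructed samples, not taken from a real host.
COMPLIANT = "# managed locally\nsearch example.test\nnameserver 127.0.0.1\n"
MIXED = "; written by a DHCP client\nnameserver 127.0.0.1\nnameserver 192.0.2.53\n"


def parse_nameservers(text):
    """Return (line_number, value) for each nameserver directive."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        # Comments have '#' or ';' in the first column; keywords must start the line.
        if line[:1] in ("#", ";"):
            continue
        fields = line.split()
        if not line.startswith("nameserver") or fields[0] != "nameserver":
            continue
        entries.append((lineno, fields[1] if len(fields) > 1 else ""))
    return entries


def audit_resolv_conf(text, trusted=TRUSTED):
    """Return findings; an empty list means 127.0.0.1 is the only entry."""
    findings = []
    servers = parse_nameservers(text)
    if not servers:
        findings.append("no nameserver entry; expected 127.0.0.1")
    for lineno, value in servers:
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            findings.append(f"line {lineno}: unparsable nameserver {value!r}")
            continue
        if addr not in trusted:
            # A non-local entry lets queries skip local DNSSEC validation.
            findings.append(f"line {lineno}: {addr} bypasses the local resolver")
    return findings


if __name__ == "__main__":
    for name, sample in (("compliant", COMPLIANT), ("mixed", MIXED)):
        print(name, audit_resolv_conf(sample) or "OK")
```

On a real system, pass the contents of /etc/resolv.conf to `audit_resolv_conf` and treat any finding as a sign that a DHCP or VPN client has written its own name servers into the file.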

"There are growing instances of discussions and debates about the need for a trusted DNSSEC validating local resolver running on 127.0.0.1:53," reads the proposal. "There are multiple reasons for having such a resolver, importantly security & usability. Security & protection of user's privacy becomes paramount with the backdrop of the increasingly snooping governments and service providers world wide."

The user's security is extremely important to Fedora developers

As more and more people install and use Fedora Linux on mobile or portable devices, such as laptops, security is extremely important when connected to various public networks, which offer automatic DNS configurations that are not trustworthy for DNSSEC validation. Also, Fedora lacks a local DNS resolver.

As such, Fedora Linux badly needs a default local DNS (Domain Name System) resolver that can be used to establish trust between the computer where Fedora is installed and the respective public network that offers unreliable name servers, a situation that in most cases leads to a frustrating user experience.