Validating DNSSEC support
(Domain Name System Security) is mechanism which provides integrity and authenticity of DNS data. It became more important after new Kaminsky DNS poisoning attacks were found in early 2008. The domain-name organizations start to support them for regular usage. Especially:
ROOT (.) will be signed starting from July 15, 2010. ARPA is offers signing since 17 March 2010. And several country TLD already use or have test-bed DNSSEC implementations (e.g. .cz, .se, .ch, .de, .pm, .us, (soon:) .eu, .fr, etc.).
It should be thus possible to enable a validating DNSSEC lookup (cf. also
Fedora's DNSSEC implementation , which pre-dates the DNS-ROOT signing and thus is a bit arkward). As DNSSEC is not widely implemented and since issues like key rollover or lost interest occur, the checking should be easily dis-/enable - and probably not be enabled by default, yet. Another reason for not enabling it by default is that some internet home gateways have caching PROXI DNS servers which cannot handle UDP DNS for packages larger than 512 Bytes (cf. change from RFC 1035 to RFC 2671).
Set user benefit
You can add different relations here, for example duplicate features, obs projects, urls...
To embedd an image you can simply upload it to paste.opensuse.org and add a relation to its raw url.
Set release notes
Last change: 4 years ago