[anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards
- Previous message (by thread): [anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards
- Next message (by thread): [anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
John Levine
johnl at taugh.com
Mon Mar 11 22:30:26 CET 2024
It appears that Michele Neylon - Blacknight via anti-abuse-wg <michele at blacknight.com> said: >-=-=-=-=-=- >-=-=-=-=-=- > >Serge > >Several ccTLD registries have given discounts for DNSSEC. > >What is unclear is how many of the domains with DNSSEC enabled are in active use, so the lack of “problems” could be simply down to a complete lack of us / ignorance that the technology was enabled. > >My main issue with focus on DNSSEC is that it is seen being a “good use” of resources, so small registries who should invest in other things that are fundamentally more important feel obliged to enable >it. There’s also the entire “I’ve got DNSSEC so now my domain / site / service is secure” belief. Much like people who think that smacking an SSL cert on their site magically renders it secure. It makes sense if you're likely to be a phish target or you're sophisticated enough to use DANE. DNSSEC works pretty well for Comcast. I agree that for random little private domains the benefit is marginal. R's, John
- Previous message (by thread): [anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards
- Next message (by thread): [anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]