It appears that Michele Neylon - Blacknight via anti-abuse-wg <mich...@blacknight.com> said: >-=-=-=-=-=- >-=-=-=-=-=- > >Serge > >Several ccTLD registries have given discounts for DNSSEC. > >What is unclear is how many of the domains with DNSSEC enabled are in active >use, so the lack of �problems� could be simply down to a complete lack of us / >ignorance that the technology was enabled. > >My main issue with focus on DNSSEC is that it is seen being a �good use� of >resources, so small registries who should invest in other things that are >fundamentally more important feel obliged to enable >it. There�s also the entire �I�ve got DNSSEC so now my domain / site / service >is secure� belief. Much like people who think that smacking an SSL cert on >their site magically renders it secure.
It makes sense if you're likely to be a phish target or you're sophisticated enough to use DANE. DNSSEC works pretty well for Comcast. I agree that for random little private domains the benefit is marginal. R's, John
-- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
