On Wed, Apr 29, 2020 at 11:34 AM Paul Wouters <p...@nohats.ca> wrote:

> On Wed, 29 Apr 2020, Paul Vixie wrote:
>
> > no. i mean that the decision to require a "clear path" for DNSSEC meant
> that
> > no DNSSEC-dependent application has ever received investment. for
> example,
> > DANE is interesting in the SMTP market because that's small and geeky,
> but
> > will never be adopted by the Web because there are too many endpoints who
> > cannot do stub validation and too many who will never be able to.
>
> You seem to think that the Web(PKI) not accepting DNSSEC was a technical
> problem. While there were technical issues, I don't think the acceptance
> or not had anything to do with technology.
>

Nope, I'm fully aware of all the non-technical issues and resistance (and
have described some of that in the article). But there were a small
contingent
of web folks that were interested in DANE, and that might have been enough
to gain an initial foothold there. You have to start somewhere.

Shumon.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to