> On 14 Feb 2016, at 5:40 AM, Dave Crocker <[email protected]> wrote: > > > On 2/13/2016 2:42 AM, Patrik Fältström wrote: >> On 13 Feb 2016, at 5:35, Viktor Dukhovni wrote: >> >>> Yes, I understand that DNSSEC is at present and may indefinitely remain too >>> high a bar. >> >> It is too high a bar just because this is repeated over and over again. Not >> because it really is. > > > Please explain. The continuing lack of widespread adoption is only due to > what? The fact that people keep saying it's too hard? It would be easy if > only they would realize it? > > When a market is glacially slow to adopt something, it does not help much to > blame the market. >
two graphs: http://bit.ly/1QJxNo0 http://bit.ly/1LHZRa3 These two graphs tell me that by the reasoning you are providing about DNSSEC (“glacially slow” adoption) IPv6 is a complete and total waste of our collective time. Today we see some 1 in 6 users using DNS resolvers that will perform DNSSEC validation in signed responses. 1 in 6. Thats some half a billion users will validate DNSSEC signed responses - AND WILL NOT GO TO A BADLY SIGNED NAME. By comparison, how’s V6? 1 in 20 users will use IPv6. I find it impossible to reconcile the mood of doom and depression surrounding DNSSEC I read from this post and others in a similar vein, while at the same time observing the sunny, and by this metric completely insane, optimism of the IPv6 proponents. Sometimes the lies we tell ourselves just get in the way. This is one such case. regards, Geoff _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
