Hopefully this will be of some interest. I had a bit of time over Christmas so got round to doing my annual(ish) survey of how widely various security related DNS records ( CAA, SPF, DMARC, DNSSEC etc. ) have been adopted. Adoption rates are backsliding compared to previous years if anything.
If this is due to lack of perceived business benefit, cost of adoption or lack of awareness I don't know. I do suspect that either some thing needs to be done to promote a wider adoption or they need to be consigned to history to free up resources to find better solutions. There is a greater (though still tiny) adoption rate of SVCB/HTTPS records than there is of TSLA/DANE despite the former still being a draft standard. https://articles.scramworks.net/2020/12/the-state-of-dns-security-records-2020/ -- Robert Mortimer Nominet
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
