On 3/21/22 13:19, Bill Woodcock wrote:
The alternative to DNSSEC validation is man-in-the-middle compromises. We wouldn’t be doing DNSSEC validation if it caused more workload than man-in-the-middle compromises. Therefore the increased workload is negative, not positive.
Is that (economic) argument all there is to it? -- If so, wouldn't one expect all resolver operators to do DNSSEC validation? (Validation prevalence is far from 100%.) Best, Peter -- Like our community service? 💛 Please consider donating at https://desec.io/ deSEC e.V. Kyffhäuserstr. 5 10781 Berlin Germany Vorstandsvorsitz: Nils Wisiol Registergericht: AG Berlin (Charlottenburg) VR 37525 _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
