>dnssec, ipv6, sav, anc, and a lot of other follow-on technologies, are >not make-money proposals, nor save-money proposals. it makes absolutely >zero business sense to do any of it unless you can be a late adopter >after others have (stupidly and/or selflessly) created a market for you.
To me, dnssec and anc are in a different category than ipv6 and sav. For ipv6 and sav, it makes almost no sense to do it locally. Both basically need global adoption to be truely useful. ANC can have immediate local benefits if it reduces the cost of running a resolver or if the performance of the resolver is noticeably better. In my experience, dnssec works very well for sshfp. And I think there are plenty of tls connections that would benefit from from tlsa. With tls becoming more and more wide spread, this includes a lot of traffic that is logically within one organisation. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
