On Fri, Mar 08, 2024 at 11:11:40PM +0100, Joachim Lindenberg via Postfix-users
wrote:
> But is there any reason that prevents google to use DNSSEC other than
> the arrogance of power?
My read is that there is not sufficient market pressure to make it a
priority. Robust implementation at scale is non-trivial, (various
load balancers would need to do online DNSSEC signing) and resources
for work that is not a business priority are scarce.
I can more easily see "gmail.com" being signed, but even there the
incentives need to get stronger before that happens. Yes, mta-sts is an
ugly hack that makes it possible to somewhat sweep the problem under the
rug.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
