On Wed, May 11, 2016 at 04:55:43AM +0700, Aaron Zauner wrote:
> DNSSEC non-existent.
I do have some counter-examples to that claim, that have not only
DNSSEC, but also DANE TLSA records for inbound SMTP:
gmx.at
registro.br
gmx.ch
gmx.com
mail.com
bund.de
gmx.de
jpberlin.de
lrz.de
posteo.de
ruhr-uni-bochum.de
web.de
octopuce.fr
comcast.net
dd24.net
gmx.net
key-systems.net
mpssec.net
t-2.net
xs4all.net
xs4all.nl
debian.org
freebsd.org
gentoo.org
ietf.org
isc.org
openssl.org
samba.org
torproject.org
(and 30500 others that are less well known)
Yes, it is true that both DNSSEC and IPv6 still have some catching
up to do with vanilla DNS and IPv4, respectively. A sample of
DNSSEC adoption for a few TLDs:
TLD DNSSEC
---------- -----
.bank 100.0%
.ovh 46.4%
.amsterdam 24.9%
.email 1.4%
.edu 1.4%
.net 0.61%
.com 0.44%
.xyz 0.29%
.berlin 0.13%
.nyc 0.0066%
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
