DNSSEC adoption
Randy Bush
randy at psg.com
Mon Aug 1 22:31:52 UTC 2022
> TLD Signed? Comments
> -------------- ------- --------
> google.com no
> gmail.com no
> youtube.com no
> apple.com no
> microsoft.com no
> amazon.com no
> walmart.com no
> outlook.com no
> 1e100.net no
> facebook.com no
> twitter.com no
> instagram.com no
> ibm.com no
> mozilla.org no
> wikipedia.org no
> redhat.com no
> w3c.org no
> bankofamerica.com no
>
> Does anybody have an explanation for why such big domains don't bother
> using DNSSEC?
my guess is that they see dnssec as fragile, have not seen _costly_ dns
subversion, and measure a dns outages in thousands of dollars a minute.
randy
---
randy at psg.com
`gpg --locate-external-keys --auto-key-locate wkd randy at psg.com`
signatures are back, thanks to dmarc header butchery
More information about the bind-users
mailing list