DNSSEC adoption
Randy Bush
randy at psg.com
Tue Aug 2 17:38:20 UTC 2022
>> my guess is that they see dnssec as fragile, have not seen _costly_
>> dns subversion, and measure a dns outages in thousands of dollars a
>> minute.
> No one wants to be this guy:
> http://www.dnssec.comcast.net/DNSSEC_Validation_Failure_NASAGOV_20120118_FINAL.pdf
so, to me, a crucial question is whether dnssec ccould be made to fail
more softly and/or with a smaller blast radius?
randy
More information about the bind-users
mailing list