> Not really. This type of redirection is generally done at the ISP's > caching server. As such, the only way this would impede DNSSEC is if > the ISP blocks their customers from running (validating) caching > servers themselves. why wouldn't an ISP do that, if they need this eyeball revenue to make net?