It's really worrisome that the practical DNSSEC implementation (code
and operation) is this hard.
Right now it's basically only used and developed by the brightest and
most motivated people possible, and yet there seems to be a rather
continuous stream of trouble...
:-/
- ask