bert.hubert at netherlabs.nl
Mon May 17 20:53:12 UTC 2010
On Mon, May 17, 2010 at 01:33:49PM -0700, Doug Barton wrote:
> On 05/17/10 13:30, Dave Knight wrote:
> > I just sent email to the address in the SOA RNAME for uspto.gov, pointed to the list archive for this thread and received a response 3 minutes later from someone already aware of the thread and the issues.
> An interesting counterpoint to Bert's FUD, thanks for sharing this. :)
They've known about it for months, Doug. So please stop accusing me of
"FUD". The datapoint is that they have not been able to get this solved.
I do not have an anti-DNSSEC agenda, and in fact, PowerDNS is offering some
very exciting DNSSEC features.
The only thing I'm trying to do on this dns-operations mailing list is to
inject some *operational* reality.
If you can't deal with this and have to label anything that even smells of
trouble as FUD, so be it - but you are wrong.
The serious message is this: if you want to further the cause of DNSSEC,
then do not close your eyes to bad news. The people you are trying to
stimulate to do DNSSEC will not thank you for it later on.
DNSSEC has but one chance - if it is perceived as too big an operational
risk, it will end up as something that only people with compliancy
obligations will actually deploy.
I'll let it rest here - we'll probably never agree, but please refrain from
positing that I'm spreading "FUD".
More information about the dns-operations