[dns-operations] summary of recent vulnerabilities in DNS security.

Jim Reid jim at rfc1035.com
Tue Oct 22 22:40:45 UTC 2013

On 22 Oct 2013, at 22:53, Rubens Kuhl <rubensk at nic.br> wrote:

> .nl and .cz got massive registrar adoption to DNSSEC offering business incentives, so it seems business side accounts for most of it. 

So where are the incentives for resolver operators? If they switch on DNSSEC validation and get extra calls to customer support as a result, who pays? How many calls does customer support get before this wipes out an ISP's profit margin? This is another hurdle that has to be overcome somehow if DNSSEC is to be adopted.

It's all well and good that registries offer bribes^Wincentives to their sales channel, but the demand side (ie validation) needs incentives too and their needs are very different from someone who sells domain names and DNSSEC signing services.

More information about the dns-operations mailing list