[dns-operations] my answer to "i heard dnssec was a ddos threat, should i avoid it?" on serverfault today

Rodgers, Anthony (DTMB) RodgersA1 at michigan.gov
Wed Jan 6 22:06:27 UTC 2016


I'm going to print this out and frame it.

Choice bits:

"If you don't want to use DNSSEC, let it be because you have not yet drunk the Kool Aid and you want to be a last-mover (later) not a first-mover (now)."

"DNS RRL is free, and every authority server should run it."

--
Anthony Rodgers
Security Analyst
Michigan Security Operations Center (MiSOC)
DTMB, Michigan Cyber Security

From: dns-operations [mailto:dns-operations-bounces at dns-oarc.net] On Behalf Of Paul Vixie
Sent: Wednesday, January 06, 2016 15:50
To: dns-operations at dns-oarc.net
Subject: [dns-operations] my answer to "i heard dnssec was a ddos threat, should i avoid it?" on serverfault today


http://serverfault.com/a/747213/330420



gosh darn, what a grump.



--

P Vixie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160106/012d4e19/attachment.html>


More information about the dns-operations mailing list