[dns-operations] Enabling DNS split authority with OctoDNS | GitHub Engineering.
paul at redbarn.org
Thu Apr 27 21:08:45 UTC 2017
Patrik Fältström wrote:
> On 27 Apr 2017, at 20:22, Roland Dobbins wrote:
> I do not see signs of DNSSEC...
dnssec is widely seen as a way to make your dns service more fragile,
without adding support for any new apps, and without defending against
any threat model that's in any way common.
i would be shocked if github hadn't considered the cost/benefit of
making their design dnssec-capable, and i'd also be shocked had they
decided that dnssec was a must-have.
note, i personally use dnssec everywhere, and i'm hoping hard for DANE.
so, shooting the messenger would be particularly unjust in this case.
More information about the dns-operations