[dns-operations] .PL DNSSEC broken again

Paul Wouters paul at nohats.ca
Mon Jun 17 17:33:26 UTC 2019

On Mon, 17 Jun 2019, bert hubert wrote:

> The problem is that from an operator point of view, DNSSEC is optional.

Only because IETF does not have the guts to deprecate insecure spoofable DNS.

It's 2019 and we depend on unsigned data across the internet for core
infastructure. And now putting some transport security bandaids on it.


More information about the dns-operations mailing list