[dns-operations] DNSSEC deployment incentives
Bill Woodcock
woody at pch.net
Tue Jun 18 10:16:13 UTC 2019
When I authenticate to my server, I’d prefer it to actually be my server.
-Bill
> On Jun 18, 2019, at 10:55, Jim Reid <jim at rfc1035.com> wrote:
>
>
>
>> On 18 Jun 2019, at 01:17, Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:
>>
>> On Mon, Jun 17, 2019 at 11:42:15PM +0100, Jim Reid wrote:
>>
>>>> What is the factor that stops them [Fortune 500] from signing their domains?
>>>
>>> Simple. There’s no compelling business justification or use case. If these
>>> existed, those zones would be signed. QED.
>>
>> Times change. The same could be said about IPv6
>
> Not really. The exhaustion of IPv4 addresses mean there are clear business justifications and use cases for IPv6 adoption. That can’t be said for DNSSEC. There may well be parallels in why uptake of these two technologies has stalled. However IPv6 is on much firmer foundations than DNSSEC is. The soundbite case for IPv6 is simple and easy to understand: 4 billion addresses isn’t enough for 7-8 billion people. What’s the equivalent for DNSSEC?
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
More information about the dns-operations
mailing list