[dns-operations] Quad9 DNSSEC Validation?
vladimir.cunat+ietf at nic.cz
Sun Feb 28 20:14:28 UTC 2021
On 2/28/21 10:11 AM, Bill Woodcock wrote:
> We put in negative trust anchors where safe and necessary to keep things working for actual users, because if we don’t, we get drowned by support calls.
My (naive?) hope is that large validating services could form some
agreement to start acting stricter in this respect. Of course it's
often hard to argue that a breakage is the domain's fault as long as it
works almost everywhere else, but dnsflagday.net has shown that similar
arrangements are possible to pull off.
More information about the dns-operations