[dns-operations] Quad9 DNSSEC Validation?
Paul Vixie
paul at redbarn.org
Mon Mar 1 18:21:28 UTC 2021
On Mon, Mar 01, 2021 at 08:21:21AM -0500, Jim Popovitch via dns-operations wrote:
> ...
>
> Over on the email side, I know of several instances in the past 5+ years
> where email providers have had to disable TLS and/or DANE/DNSSEC checks
> (i.e. postfix's smtp_tls_policy_maps) for .mil and .gov domains due
> mostly in part for poor key rollover management practives/monitoring.
so, this is a game of "chicken" where the wrong people keep flinching.
--
Paul Vixie
More information about the dns-operations
mailing list