[dns-operations] Quad9 DNSSEC Validation?
paul at redbarn.org
Mon Mar 1 19:08:06 UTC 2021
On Tue, Mar 02, 2021 at 05:46:38AM +1100, Mark Andrews wrote:
> It also doesn???t help that Whois is not particularly useful. It has
> improved but if you can???t report faults they don???t get fixed.
right. agreed. the reliable signal for "wrong key or signature" has to be a
loss of incoming traffic and a lot of complaints from one's own users. we
won't be solving this with a cron job. NTA adds deliberate assymetry between
the costs of doing DNSSEC signing wrong and the costs of coping with that.
> Mark Andrews
More information about the dns-operations