[dns-operations] Survey on DNS resolver operations and DNSSEC
Peter Thomassen
peter at desec.io
Mon Mar 21 12:59:08 UTC 2022
On 3/21/22 13:19, Bill Woodcock wrote:
> The alternative to DNSSEC validation is man-in-the-middle compromises. We wouldn’t be doing DNSSEC validation if it caused more workload than man-in-the-middle compromises. Therefore the increased workload is negative, not positive.
Is that (economic) argument all there is to it? -- If so, wouldn't one expect all resolver operators to do DNSSEC validation? (Validation prevalence is far from 100%.)
Best,
Peter
--
Like our community service? 💛
Please consider donating at
https://desec.io/
deSEC e.V.
Kyffhäuserstr. 5
10781 Berlin
Germany
Vorstandsvorsitz: Nils Wisiol
Registergericht: AG Berlin (Charlottenburg) VR 37525
More information about the dns-operations
mailing list