Serge

 

Several ccTLD registries have given discounts for DNSSEC.

 

What is unclear is how many of the domains with DNSSEC enabled are in active use, so the lack of “problems” could be simply down to a complete lack of us / ignorance that the technology was enabled.

 

My main issue with focus on DNSSEC is that it is seen being a “good use” of resources, so small registries who should invest in other things that are fundamentally more important feel obliged to enable it. There’s also the entire “I’ve got DNSSEC so now my domain / site / service is secure” belief. Much like people who think that smacking an SSL cert on their site magically renders it secure.

 

Regards

 

Michele

 

 

--

Mr Michele Neylon

Blacknight Solutions

Hosting, Colocation & Domains

https://www.blacknight.com/

https://blacknight.blog/

Intl. +353 (0) 59  9183072

Direct Dial: +353 (0)59 9183090

Personal blog: https://michele.blog/

Some thoughts: https://ceo.hosting/

-------------------------------

Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

 

I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.

 

 

From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net>
Date: Monday, 11 March 2024 at 12:24
To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards

[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources.

> Pushing for DNSSEC adoption by financial services, government and other
> “enterprise” users makes a lot of sense, but pushing it for all domains
> is a terrible idea and has more negative impacts than positives.


Not if it's done properly, i.e. by the hosting providers. Should your
aunt or uncle do it? Probably not.

Since SWITCH gives registrars a discount if they sign, the number has
risen dramatically, without any problems:
https://www.nic.ch/de/statistics/dnssec/

Best
Serge

--
Dr. Serge Droz
Member, FIRST Board of Directors
https://www.first.org

--

To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg