From: Ned Freed [mailto:ned(_dot_)freed(_at_)mrochek(_dot_)com]
Indeed, although I have to say that in my experience DNSSEC
deployments are rare. I wish it were otherwise but that's
been my observation. As you have pointed out elsewhere, the
necessary impetus to deploy doesn't seem to exist.
I doubt that this will remain the case if I get my way with DNS policy.
People outside core DNS infrastructure providers are unlikely to deploy
security mechanism for an existing infrastructure until they are convinced that
there is a very serious need to do so. Unless the role of the DNS changes that
is only likely to occur if there is a very significant event.
There are two benefits to deploying a comprehensive DNS based policy
infrastructure:
1) It will make the Internet much easier to administer and use
2) It will motivate deployment of security infrastructure for DNS providing a
single ended adoption benefit to early adopters before critical mass is reached
to drive the network effect.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf