18 Jun
2023
18 Jun
'23
3:53 a.m.
Matt Corallo wrote:
That's great in theory, and folks should be using DNSSEC [1],
Wrong. Both in theory and practice, DNSSEC is not secure end to end and is not very useful. For example, root key rollover is as easy/difficult as updating IP addresses for b.root-servers.net. Masataka Ohta