11 Jun
2021
11 Jun
'21
1:20 p.m.
It appears that Tom Ivar Helbekkmo via NANOG <tih@hamartun.priv.no> said:
John Levine <johnl@iecc.com> writes:
I have signed all 300 zones on my DNS servers, but only about half of them have working DNSSEC because there is no practical way to install the DS records.
Sounds like ICANN, having told us for a very long time that they want DNSSEC everywhere, should attempt to get a requirement in place that registrars have to make it reasonably easy for customers to get those DS records installed. ...
Hahahahaha. At ICANN, anything that might put even the tiniest extra cost on registrars is a non-starter. Look at the endless fight about WHOIS redaction.