[Cerowrt-devel] "DNSSEC considered harmful"

David P. Reed dpreed at reed.com
Fri May 9 21:30:58 EDT 2014

Reading a lot of this stuff suggests at most that DNSSEC is being overhyped and poorly implemented.

As a reason to abandon work on deploying DNSSEC so that it's easier to instantiate man in the middle attacks I find it unconvincing.

Is there an alternative?

On May 8, 2014, Maciej Soltysiak <maciej at soltysiak.com> wrote:
>I read a twitter conversation last night where somebody said DNSSEC is
>harmful. I asked why and I got this littany of issues:
>I was blown away not only by the sheer evidence of outages, but
>by the quotes in last sections: Miscellaneous and What a mess.
>I don't know, have a look, I just wanted to share as I wasn't aware of
>things that didn't go well with DNSSEC. I'm not suggesting anything re
>Cerowrt here.
>Best regards,
>Cerowrt-devel mailing list
>Cerowrt-devel at lists.bufferbloat.net

-- Sent from my Android device with K-@ Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20140509/a03b1ac9/attachment-0002.html>

More information about the Cerowrt-devel mailing list