<html><head></head><body>Reading a lot of this stuff suggests at most that DNSSEC is being overhyped and poorly implemented.<br>
<br>
As a reason to abandon work on deploying DNSSEC so that it's easier to instantiate man in the middle attacks I find it unconvincing.<br>
<br>
Is there an alternative?<br><br><div class="gmail_quote">On May 8, 2014, Maciej Soltysiak <maciej@soltysiak.com> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div dir="ltr"><div><div><div><div>Hi,<br /><br />I read a twitter conversation last night where somebody said DNSSEC is harmful. I asked why and I got this littany of issues: <a href="http://ianix.com/pub/dnssec-outages.html">http://ianix.com/pub/dnssec-outages.html</a><br />
<br /></div>I was blown away not only by the sheer evidence of outages, but especially by the quotes in last sections: Miscellaneous and What a mess.<br /><br /></div>I don't know, have a look, I just wanted to share as I wasn't aware of things that didn't go well with DNSSEC. I'm not suggesting anything re Cerowrt here.<br />
<br /></div>Best regards,<br /></div>Maciej<br /><br /></div>
</blockquote></div><br/>-- Sent from my Android device with <b><a href="https://play.google.com/store/apps/details?id=com.onegravity.k10.pro2">K-@ Mail</a></b>. Please excuse my brevity.</body></html>