undefined | Better HN

0 pointstptacek4d ago0 comments

Virtually no zones under .com/.net are signed, which was the only point I was making. It has no adoption here.

0 comments

Even if example.com is unsigned, the delegation from .com to example.com will still be signed (including an attestation that example.com is unsigned). So lack of DNSSEC adoption by users of the TLD wouldn't save them here.

cyberax4d ago

Sure. But that was not the issue with .de, it has about the same level of DNSSEC adoption as .com

DENIC screwed up the TLD itself, and .com/.net are just as susceptible.

j / k navigate · click thread line to collapse

0 comments

profmonocle4d ago

cyberax4d ago

Sure. But that was not the issue with .de, it has about the same level of DNSSEC adoption as .com

DENIC screwed up the TLD itself, and .com/.net are just as susceptible.

j / k navigate · click thread line to collapse