On 23-09-2022 18:54, Philip Prindeville wrote:
Anyway, I suggested that they standup a second pair of DNS servers,
this time with DNSSEC enabled, and let their customers decide if
streaming is more important than security. Waiting to hear back...
How many ISP's squelch DNSSEC like that? I hope it's not a common
practice!
Mine doesn't. I agree with you that there are better solutions to the
problem(s) described than turning of DNSSEC completely.
Nevertheless, I run my own recursive DNS server using OpenNIC's root
server, thus bypassing my ISP completely.
-- Sandro
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users