Viktor Dukhovni <[email protected]> wrote: > It seems that DNSSEC deployment *is* by far the main obstacle. > Registrars need to support DS RRs and ideally be able to host DNSSEC > domains. Unlike registries looking after one or a handful of > domains, registrars host thousands to millions of domains. One of > the issues raised at the DENIC meeting, is that DNSSEC-capable > nameserver software that scales well to very large zone counts is > by no means abundant. Reportedly only PowerDNS comes close, and > at least some registrars are reluctant to put all the eggs in one > basket and rely on just a single software platform.
Is it a question of the signing infrastructure, or the publication infrastructure? -- Michael Richardson <[email protected]>, Sandelman Software Works -= IPv6 IoT consulting =-
pgpga1RKKstBc.pgp
Description: PGP signature
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
