On Aug 13, 2008, at 10:28 PM, Masataka Ohta wrote:
I presented the real-world statistical data to support my claim
that DNSSEC requires to much work. That is, it is hardly deployed
because it requires to much work.
I must have missed that message.
Does your personal experience have any statistical significance?
No.
Rather, what it
says is that .COM is not signed.
To be statistical, which you requested, how many TLDs among many are
signed?
Sounds like four. And with the root zone not signed, the pressure on
the TLDs to sign their zones is essentially zero. And at least
according to the latest article on DNSSEC in Wired, the reason why it
is not signed is that the agency currently responsible for operating
it wants to study the process further. No mention was made of the
difficulty of signing.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop