Masataka,
No, it won't. As David already pointed out, people not interested
won't
set the DO bit so won't ask for DNSSEC.
I'm talking about people who have, foolishly enough, interested in
DNSSEC and asked for DNSSEC information sometimes in vain.
If they have configured DNSSEC, then they either are aware of the
operational issues that concern folks or will quickly learn of the
issues. If they are aware of the issues, then presumably they can
help debug the infrastructure that is failing to provide them the
information they are asking for. If they are unaware of the issues,
they can either learn and/or turn DNSSEC validation off at the first
sign of problems.
And, the result is the instability.
The result, if they are unhappy with the behavior DNSSEC causes, will
be to turn off DNSSEC until the issues that made them unhappy are
resolved (e.g., new caching server software that makes using DNSSEC
less onerous).
According to your logic, no one should turn on IPv6 since it will
obviously cause instability. An interesting point of view.
Thank you and David for being a example of people blindly requesting
for DNSSEC without understanding its so obvious negative effects, in
addition to not so obvious lack of its positive effects.
Yawn. Thank you for living up (or perhaps more accurately, down) to
my expectations.
Regards,
-drc
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop