> On Jun 20, 2018, at 3:23 PM, Shane Kerr <sh...@time-travellers.org> wrote: > > Ondřej, > > Ondřej Surý: >> as far as I could find on the Internet there are only SIG(0) implementation >> in handful DNS implementations - BIND, PHP Net_DNS2 PHP library, >> Net::DNS(::Sec) Perl library, trust_dns written in Rust and perhaps others I >> haven’t found; no mentions of real deployment was found over the Internet >> (but you can blame Google for that)... >> >> Do people think the SIG(0) is something that we should keep in DNS and it >> will be used in the future or it is a good candidate for throwing off the >> boat? > > My guess is that any time you ask this working group if a feature is > important in DNS, the answer will be "yes", even if not a single system > is using it anywhere on the Internet and beyond. > > I wonder if there is any metric that dnsop would agree on to determine > whether a DNS feature is useful or not? > > Cheers, > > — > Shane
To be fair, he asked if it would be used in the future and that’s hard to measure. But given that the community hasn’t concentrated on security as much in the past as it will in the future, it seems that throwing security measures off the boat is premature. Tom _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
