[dnssec-deployment] What does DNSSEC enable?
paul at vix.com
Wed Jan 12 15:30:22 EST 2005
> > we can successfully use this tactic and we will never be blamed,
> > yelled at, sued, called bad names, or otherwise made to pay for our
> > mischief.
> Who is we in this case? We as in protocol engineers and DNSSEC entusiasts
> will never be blamed... but "we" as in those who deploy the authoritative
> infrastructure and "we" who are perceived to do careful validation during
> key-exchanges might be blamed (or am I infected to much with US liability
it's "we" who use pki-sounding justification for why other folks ought to
deploy dnssec. by the time they figure out that we really just wanted to
secure the NS chain and other than dns itself, no dnssec applications exist,
we'll be long gone.
More information about the Dnssec-deployment