[Dnssec-deployment] Comcast Begins DNSSEC Rollout

Joao Damas joao at bondis.org
Wed Oct 20 08:38:39 EDT 2010


Mats,

On 20 Oct 2010, at 09:00, <Mats.Dufberg at teliasonera.com> <Mats.Dufberg at teliasonera.com> wrote:
> The number of signed domains is still low. Under .SE less than 1% of the domains are signed,

sure 1% may seem low if you compare with 100%, but I do not believe all domains will need to make use of DNSSEC so it might be better to get an estimate of how many domains are likely to benefit from the use of DNSSEC (those who perceive using DNSSEC as a valuable thing for the domain) and compare against that.

It is true that benefit also has the other side, called cost, and that if cost is brought down (e.g. by having someone else take care of keeping your signed domain refreshed) then more domains may make use of it. It would still have costs associated with the increased complexity, which always brings a bit of increased fragility, but more domain holders would be on the positive side of the benefit/cost line.
Again, this is just a part of estimating the number of domains that may benefit from the use of DNSSEC so as to be able to get better estimates of relevant deployment

Joao


More information about the Dnssec-deployment mailing list