nanog mailing list archives
Re: DANE of SMTP Survey
From: "John Levine" <johnl () iecc com>
Date: 11 Jun 2021 12:44:38 -0400
It appears that Tom Ivar Helbekkmo via NANOG <tih () hamartun priv no> said:
Jeroen Massar via NANOG <nanog () nanog org> writes:No, not even kidding. For many organisations DNSSEC is 'scary' and a burden as it feels 'fragile' for them.Unfortunately, yes. And those of us who use it know that this is a myth. With modern software, DNSSEC is quick and easy to set up, and works just fine, with no reason for any problems. ...
I wish that were true. I have signed all 300 zones on my DNS servers, but only about half of them have working DNSSEC because there is no practical way to install the DS records. For names that are registered through my registrar reseller account, it's easy since my registrar (Tucows) has an API. But for the rest of them that my users have registered somewhere else, either I have to try and walk them through the process of uploading the DS data themselves, or they have to give me their account passwords, neither of which is workable if you have 100 domains, much less thousands. I know about CDS, and have tried publishing CDS, but none of my unsigned domains are at the handful of registries that do CDS bootstrapping. I've been grousing about this at the IETF and ICANN for years, people say yes, that's a problem, and nothing happens.
Current thread:
- Re: DANE of SMTP Survey, (continued)
- Re: DANE of SMTP Survey Mark Tinka (Jun 02)
- Re: DANE of SMTP Survey babydr DBA James W. Laferriere (Jun 04)
- Re: DANE of SMTP Survey Mark Tinka (Jun 08)
- Re: DANE of SMTP Survey Mark Andrews (Jun 03)
- Re: DANE of SMTP Survey Bjørn Mork (Jun 02)
- Re: DANE of SMTP Survey Jeroen Massar via NANOG (Jun 02)
- Re: DANE of SMTP Survey Scott Morizot (Jun 02)
- Re: DANE of SMTP Survey Jeroen Massar via NANOG (Jun 02)
- Re: DANE of SMTP Survey Mark Tinka (Jun 02)
- Re: DANE of SMTP Survey John Levine (Jun 11)
- Re: DANE of SMTP Survey Tom Ivar Helbekkmo via NANOG (Jun 11)
- Re: DANE of SMTP Survey John Levine (Jun 11)