Categories
Uncategorized

DNSSEC wasn’t worth it

In reply to Calling Time on DNSSEC? by Geoff Huston.

[… we] estimate that DNSSEC validation is performed around 1% of the time, given the DNS query profile of today’s data

I run my own authoritative nameservers and have had a slight nagging feeling that I should’ve enabled DNSSEC years ago. It’s been on my perpetual to-do list but I’ve never gotten around to it. I’ve definitely caused some outages trying to get DNSSEC to work.

Came across this article and it confirms that my procrastination was pretty OK in this specific case.

Leave a Reply

Your email address will not be published. Required fields are marked *