The rationale in OMB memo M-18-23 for withdrawing the DNSSEC requirement in M-08-23 doesn't seem very convincing: we don't need this anymore because everyone should already have DNSSEC by now?
> M-08-23, Securing the Federal Government's Domain Name System Infrastructure (August
22, 2008)
> OMB is rescinding memorandum M-08-23, which provides additional guidance on the
Domain Name System (DNS), specifically focusing on new security protections for the Federal
DNS. The requirements in this memorandum are outdated; agencies already should have
implemented these security protections.
> M-08-23, Securing the Federal Government's Domain Name System Infrastructure (August 22, 2008)
> OMB is rescinding memorandum M-08-23, which provides additional guidance on the Domain Name System (DNS), specifically focusing on new security protections for the Federal DNS. The requirements in this memorandum are outdated; agencies already should have implemented these security protections.