|
|
|
|
|
|
by 8organicbits
120 days ago
|
|
|
> Requiring DNSSEC would exclude most domains and block adoption. I think this is a good call. For the web, the CAB sets CA requirements and they could choose to require DNSSEC at a later date. It would be a breaking change, but the CAB can, and has, made breaking changes to the BR. The IETF draft seems flexible enough that we could end up with a DNSSEC MUST for the web, in practice, based on the CAB's discretion. |
|
|