Hacker News new | ask | show | jobs
by SEJeff 37 days ago
Just gonna leave this absolute gem from Thomas Ptacek on DNSSEC here:

https://sockpuppet.org/blog/2015/01/15/against-dnssec/
1 comments
betaby 37 days ago
Aged like a milk.
link
tptacek 37 days ago
Oh, yeah, I'm sure feeling chastened right now. You got me.
link
SAI_Peregrinus 37 days ago
Parmigianino-Reggiano is aged milk, so I'm not sure what people have against aged milk. Aged milk can be great
link
sgc 37 days ago
My poor fellow. You wrote about how something is a bad tool for a long list of serious reasons. Then it failed spectacularly because everybody decided to depend on it anyway - exactly what you were cautioning against. But somehow you have to respond to people who think you are the one who got it wrong! As a third party the whole affair gave me a good chuckle at least ;)
link
tptacek 37 days ago
Germany appears to depend on it. Virtually none of North America does. I'm pretty satisfied with how this whole thing shook out!
link
cyberax 37 days ago
You're wrong. Both .com and .net are signed (`dig RRSIG com.`), and if they screw up, then all the com/net zones will become inaccessible.
link
tptacek 37 days ago
Virtually no zones under .com/.net are signed, which was the only point I was making. It has no adoption here.
link
theMMaI 37 days ago
Sssshh, don't give Verisign any bad ideas!
link