ben blogs

wherever you go, there you are

DNSSEC wasn’t worth it

2024.08.15

1 min read

In reply to Calling Time on DNSSEC? by Geoff Huston.

[… we] estimate that DNSSEC validation is performed around 1% of the time, given the DNS query profile of today’s data

I run my own authoritative nameservers and have had a slight nagging feeling that I should’ve enabled DNSSEC years ago. It’s been on my perpetual to-do list but I’ve never gotten around to it. I’ve definitely caused some outages trying to get DNSSEC to work.

Came across this article and it confirms that my procrastination was pretty OK in this specific case.

Also on: bsky.app

Likes, Bookmarks, and Reposts

  • morb

Leave a Reply

Your email address will not be published. Required fields are marked *

To respond on your own website, make a post that contains the link to this post and enter the URL of your response. Want to update or remove your response? Update or delete your post and re-enter your post’s URL again. (Learn More)