Nice to see a short writeup about what's wrong with DNSSEC: sockpuppet.org/blog/2015/01/… I turned off DNSSEC for hsivonen.fi but didn't write why.
1
5
5
Replying to @hsivonen
@hsivonen I found many parts either unconvincing, or unclear as to how the hypothetical future solution could be better.

Jan 17, 2015 · 10:49 PM UTC

1
Replying to @davidbaron
@davidbaron A key point is that a DNS-level future solution is unnecessary from the Web POV. (MX/SRV delegation needs something, though.)