• jbk@discuss.tchncs.de
    link
    fedilink
    arrow-up
    21
    ·
    11 months ago

    My prediction is that we’ll go DNSSEC globally when IPv6 gets mainstream adoption. It sucks how many just don’t care enough.

    • Domi@lemmy.secnd.me
      link
      fedilink
      arrow-up
      29
      arrow-down
      1
      ·
      11 months ago

      when IPv6 gets mainstream adoption

      At the current speed that would approximately be in 2087.

    • Chobbes@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      11 months ago

      The abysmal adoption of DNSSEC is just embarrassing, and I haven’t heard any good arguments for why we shouldn’t do it. There’s one blog post that gets passed around as justification for not adopting DNSSEC, but it doesn’t really go into any technical detail and is mostly just the author saying “I’m scared of governments and TLDs”… which is maybe fair, but you still have to trust them for regular CA certs and everything, so why not make thr base secure?

      Honestly, I might care slightly more about DNSSEC than IPv6 adoption… IPv4 exhaustion and NATing everywhere sucks, but the fact that you can’t trust DNS is like… insane.