Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is an 8000 word case against DNSSEC. It's what I would have cited to you if you had pressed me on Huston. Did you read it carefully?


I have read it. He presents both the case for and against DNSSEC, and seems to conclude that DNSSEC is necessary for a distributed PKI, and seems to advocate for DANE (which uses DNSSEC) to solve the many problems of the traditional CA system.

Now, have you read my reference, and can you argue against it?


I have read both of them. My rebuttal is: look at who wrote them, and compare that to the author I presented. "To find a detailed argument in favor of DNSSEC in 2024, you need to consult the blog posts of random people". Even if they were good blog posts, that would be damning.

That's as far as I feel like I have to go on this very old, very dead thread.

Submit either of them to HN as a new story, and if they hit the front page, you can be quite sure of getting a take from me on them.


All I can infer from your refusal to rebut any argument, and instead insist that your ad-hominem arguments are acceptable, is that you are in this debate for the fame, not to argue any actual point.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: