I don't think that's really true at all, re the incentive story. DNSSEC (or, at ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on Feb 15, 2024 \| parent \| context \| favorite \| on: Just one bad packet can bring down a vulnerable DN... I don't think that's really true at all, re the incentive story. DNSSEC (or, at least, the classic IETF DNS stack) has a story for encrypted transport; it's just that nobody ever wanted to deploy it.

mike_d on Feb 15, 2024 [–]

I don't want to dig up private discussions from a dozen years ago, but the DNS vendors that mattered at the time also had passive DNS/security products that paid the bills.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact