

Questions and Answers from “Against DNSSEC” - zedpm
http://sockpuppet.org/stuff/dnssec-qa.html

======
tptacek
If this is nearly as interesting or useful than the original post it concerns,
I did something wrong.

------
msturgill
The author of this is missing the point of DNSSEC.

They seem to be confusing DNSSEC and functionality that is possible with
DNSSEC (DANE/TLSA). Not only that, they don't seem to fully understand DANE
(there are modes that complement the traditional CA model, not replace it).

DNSSEC is just another tool. It isn't a panacea.

I definitely urge readers to objectively research the technical aspects of
DNSSEC and draw conclusions for themselves.

------
owly
Good post. Interesting info.

