
Why isn't everyone using DNSSEC? - okket
https://blog.apnic.net/2017/06/28/isnt-everyone-using-dnssec/
======
tptacek
[https://sockpuppet.org/blog/2015/01/15/against-
dnssec/](https://sockpuppet.org/blog/2015/01/15/against-dnssec/)

The real answer is simple: _it provides very little value_. TLS was designed
to assume that the DNS was insecure, and if you care about security, you need
at least TLS.

------
brudgers
A fairly good HN technical discussion of DNSSEC with several comments by
tptacek.

