They’re two very different things so asking about the two and pushing for them at the same time in my view is a bad idea.

RPKI is only going to be deployed by network operators and they *should* have the technical ability to do this and doing so is “good”

DNSSEC, on the other hand, is available for the many millions of domain names out there and is an incredibly brittle technology. A minor mistake with the deployment will literally kill the domain and all its services.

Pushing for DNSSEC adoption by financial services, government and other “enterprise” users makes a lot of sense, but pushing it for all domains is a terrible idea and has more negative impacts than positives.

Regards

Michele, who has consistently disliked how much time energy and money is pushed into DNSSEC while so many other things aren’t resourced

Mr Michele Neylon

Blacknight Solutions

Hosting, Colocation & Domains

https://www.blacknight.com/

https://blacknight.blog/

Intl. +353 (0) 59 9183072

Direct Dial: +353 (0)59 9183090

Personal blog: https://michele.blog/

Some thoughts: https://ceo.hosting/

-------------------------------

Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845

I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.

From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Wout de Natris <denatrisconsult@hotmail.nl>
Date: Monday, 11 March 2024 at 10:01
To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: [anti-abuse-wg] IS3C public consultation on an alternative narrative to deploy Internet standards

[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources.

Dear colleagues,

IGF DC IS3C invites you to participate in the consultation on positively enhancing the deployment of two Internet standards: DNSSEC and RPKI. You are invited to answer either of these questions: Do the arguments used to favor a positive decision, convince you to order deployment within your organisation or from your service provider? / Do they assist you to convince decision takers in your organisation to invest in security by design? You are invited to share your views and arguments with IS3C’s expert team and have been granted commenting rights in this document to do so. The consultation runs from 11 March to 12PM UTC, Friday 5 April 2024. Your contribution will be taken into consideration when finalising the text before publication this spring. Here is the link to the Google Doc:

https://docs.google.com/document/d/1YYq3ie9D03L1Z5ssgPbWKV5becUgNw0h7_fmm9xGWKs/edit?usp=sharing

IS3C WG 8 work document

docs.google.com

We hope to receive your views so we can present the most convincing arguments to deploy DNSSEC, RPKI and all other security-related Internet standards and ICT best practices. (FYI, this project is sponsored by ICANN and RIPE NCC.)

Kind regards,

Wout de Natris

IS3C: Making the Internet more secure and safer