Comcast has signed all their managed domains, as well as deployed DNSSEC resolvers for their customers. And they're encouraging others to make the jump to DNSSEC now as well, especially e-comm/banking sites.
Nice work guys, any of the Comcast guys on the list want to give us an idea how much work is involved in this from a large-scale service provider perspective to do it? Any big caveats you encountered that people should watch out for?
Comcast has signed all their managed domains, as well as deployed DNSSEC
resolvers for their customers. And they're encouraging others to make the
jump to DNSSEC now as well, especially e-comm/banking sites.
Nice work guys, any of the Comcast guys on the list want to give us an
idea how much work is involved in this from a large-scale service provider
perspective to do it? Any big caveats you encountered that people should
watch out for?
Very cool, but they haven't signed *all* of them. comcast.net still
isn't signed, nor are any of the reverse zones, nor is comcastonline.com
(in Comcast's SOAs).
You can probably quibble about whether the reverse zones are important,
but comcast.net is quite a significant miss. (Email, DNS, their "more
information links", etc.)
Still, I'm glad they're doing it, and hopefully reality will catch up
with their announcement soon.
Very cool, but they haven't signed *all* of them. comcast.net still
isn't signed, nor are any of the reverse zones, nor is comcastonline.com
(in Comcast's SOAs).
We'll be there very soon. Sometimes unplanned work in other areas pulls
resources temporarily, conspiring against the best plans.