DNS Security Is Important But DNSSEC May Be A Failed Experiment
The Register, Friday, July 25th, 2025
Nobody thinks of running a website without HTTPs. Safer DNS still seems optional
Last week I turned on DNSSEC (Domain Name System Security Extensions) for the systemsapproach.org domain. No need to applaud; I was just trying to get an understanding of what the barriers to adoption might be while teaching myself about the technology.
It turns out that, if you have your domain hosted by a big provider (we happen to use GoDaddy), it's easy to turn on DNSSEC. But I think it says a lot that it took us this long (and the stimulus of working on a new security book) to get us to turn on DNSSEC. By contrast, we would never think of running a website in 2025 without HTTPS.