The global and distributed system relies on the system actually returning valid responses. If the root servers are broken, whether it's a problem with RRSIG records or A records, the TLD is broken.
replyIf my domains' DNS servers start pointing at localhost, that doesn't mean DNS is a broken protocol.
denic is the single source of truth for zones under .de.
replyThe only problem with DNSSEC here is that it's complex.
A complex thing where making a mistake makes your domains drop off the internet seems like a pretty big "only problem".
reply