> A nice addition would be to add who is hosting their email.
replySomething like this? https://livenson.github.io/mxmap/
A few countries have those, here's a Github repo of the Swiss one (has a list of forks in there too): https://github.com/davidhuser/mxmap
Not making it red would downplay the "SEC" part in DNSSEC.
replyWe already have some privacy metrics in addition to tracking cookies, and there will be more. All are important at the same time.
"Important" according to whom? A tracking cookie is trivial to fix (or to automagically disable for the more tech savvy citizens). Email being hosted by an untrusted foreign corporation is way harder to fix and impossible to bypass as a citizen trying to contact their government.
replyThe effort required to fix tracking cookies is sometimes astounding, while migrating to another email provider is trivial.
replyThis depends on how well the organization handles change and various complexities. Having great technical staff makes things easier, and throwing money at the problem can also help.
Just to give an anecdote: I've had people crying on the phone because their "solutions provider" could not get TLS to work on their www domain despite spending 5,000 euros or so.
I'd have hoped in 2026 that anyone publishing this type of report would understand that DNSSEC isn't helping anything, and is generally considered to be actively harmful to enable. I'd suggest doing a bit more research and dropping the DNSSEC stuff, or reversing it entirely.
replyDNSSEC is more likely to self-DoS yourself than protect against an attack, unfortunately.
replydeleted
reply[dead]
reply