> there won't even be a real architectural argument for DNSSEC anymore

ADoT relies on NS records to be DNSSEC signed.

The TLS certificates that ADoT relies on need to be hashed into TLSA records (DANE, DNSSEC).

And? The IETF RFC draft for ADoT still specifies that it relies on DNSSEC.

https://datatracker.ietf.org/doc/draft-dickson-dprive-adot-a...

Check out the DPRIVE working group (ekr's comments in particular) for some of the backstory. DNSSEC isn't happening either way, but I think ADOX might.

I think this is a bit of an apples and oranges moment.

While I agree transport confidentiality is important, that is not what DNSSEC solves, nor should you see people saying that it does solve confidentiality.

DNSSEC protects the transport integrity of DNS responses. DNSSEC enabled zones 100% defeat on-path cache poisoning attacks to recursive resolvers that are DNSSEC enabled. Full stop.

ADo"X" protects the transport confidentiality of DNS responses. I suppose this "weakly" protects the transport integrity of DNS responses, but, again, the primary purpose is confidentiality.

After reading RFC 9539, it's clearly stated that it's opportunistic encryption. An on-path attacker will find it trivial to disable encryption and start poisoning caches. The RFC states in multiple places that if TLS setup fails, fall back to plaintext DNS.

If DNSSEC fails, an on-path attacker has no similar recourse. A properly configured recursive resolver will SERVFAIL and _never_ send back a potentially poisoned response to clients for DNSSEC signed zones.

> the attacks DNSSEC were ostensibly designed to address are now solved problems.

Maybe you can help figure out where you went wrong here by explaining what - in your understanding - were the problems that DNSSEC was "ostensibly designed to address" ?

> because we'll have end-to-end cryptographic security for the DNS.

In 1995 a researcher who was annoyed about people snooping his passwords over telnet invented a protocol (and gave away a free Unix program) which I guess you'd say delivers "end-to-end cryptographic security" for the remote shell. Now, when you go into a startup and you find they've set up a bunch of ad hoc SSH servers and their people are just agreeing to all the "Are you sure you want to continue ..?" messages, do you think "That's fine, it's end-to-end cryptographic security" ? Or do you immediately put that on the Must Do list for basic security because it's an obvious vulnerability ?

Many years ago, when HTTPS adoption was in the 5% range, if someone would have said “HTTPS is the ultimate defense against web page spoofing”, would you have argued that it was false, just because the adoption was so low?

DNSSEC is the ultimate defense against cache poisoning attacks, no matter the adoption percentage.

You should go tell Google that.

Google is aware and has enabled DNSSEC on their recursive resolvers for a long time.

Unfortunately, most people do not DNSSEC sign their zones, so Google have to resort to also enabling 0x20, which is helpful, but also (to an extent) security theater.

"People" in this case includes Google, which does not sign its zones.

The needs and risk profiles of Google are vastly different than basically every other organization on Earth.

(I also note that you didn’t answer my question, and instead opted for a rhetorical cheap shot reply to my second paragraph only.)

Never mind. It's OK. I don't think we're speaking the same language, so to say.

I think your posting style of making confident statements, but responding to counter-arguments with rhetorical cheap shots and condescending non-answers, is unsuitable for HN.

I don't think personal attacks are helping your case, Teddy.

Criticizing specific behavior as being unsuitable for HN is not a personal attack.