The rabbit hole on people gradually pulling up stakes on DNSSEC goes deeper than that; I'd say the canary in the coal mine is probably Geoff Huston switching from "of course we're going to DNSSEC everything" to "are we going to DNSSEC anything?":
(Geoff Huston is an Internet infrastructure giant.)
But really it all just boils down to the fact that the DNS zones that matter --- the ones at the busy end of the fat tail of lookups --- just aren't signed, despite 25 years of work on the standard. IPv6 is gradually mainstreaming; in countries where registrars auto-sign zones, DNSSEC is growing too, but very notably in countries where people have a choice, DNSSEC deployment is stubbornly stuck in the low single digit percentages, and the zones that are getting signed are disproportionately not in the top 10,000 of the Tranco list.
You keep citing these two random blog posts to me. I've never quite understood why you think they're such a mic drop. "Shreyas Zare, who develops software part-time as a hobby" thinks I'm all wrong. OK? Did Shreyas Zare connect Australia to the Internet before spending 15 years advocating for DNSSEC as the chief scientist at APNIC? I think my Pokemon wins here.
I’m not citing them to you. I’m citing them to other readers here who do not have your attitude of dismissing arguments unless they’re made by someone in authority, in which case your proclaim them valid, and coincidentally supporting your viewpoint (even when they don’t; again, I urge readers to actually read Geoff Huston’s blog post for themselves). You’re literally making an argument from authority and making an ad hominem argument at the same time.
I don't think we're playing the same game here. This is a random info page at ICANN from 2019. It doesn't even have a byline. I had to go to archive.org to figure out when it showed up. Why would you think this would be persuasive?
I assumed that you would consider ICANN an authority, but apparently you only consider named people to be authoritative and being capable of having any argument of merit? Your mind is truly fascinating.
This is like saying that the DNSSEC working group endorses DNSSEC, Teddy. Like, yes, I agree that they do, but it's not interesting to point that out. It is in fact interesting that Geoff Huston is entertaining questions about the success of the protocol, because he's a major DNSSEC advocate and a globally recognized authority on core Internet infrastructure and, in particular, DNS measurement.
This is what I mean when I say we're not really talking to each other. I don't think you understand or care about the argument I'm making, and so you're not engaging with it. That's fine! But then: let's just stop engaging.
I’m not interested in whether ICANN or Geoff Huston is or is not endorsing DNSSEC. I’m interested in what arguments they make for and/or against DNSSEC. You, on the other hand, seem to be having some electoral college model, where you don’t consider facts and arguments at all, but only care how many people in authority are for or against it. This is why you namedrop all the time, and dismiss my (and others’) arguments as coming from “randos”.
[0] - https://www.verisign.com/en_US/company-information/verisign-...
[1] - https://www.statdns.com/