DNSSEC is a good step to increase the security and resiliency of the system, only if in the long term gets fully deployed and people use it. > IMO DNS is "Good Enough" Clearly not. 10+ and we still don't have a concrete solution to the top level monopoly, people fighting all over the place to get the "good names", or names being seized by different authorities without a due process, or filtered by others because they don't like it or the content they point to, etc, etc, etc, etc .... DNS is good enough and has been very reliable and good enough for more than two decades to resolve in a hierarchal way and distributed architecture a fully qualified domain name into an IP address (without taking in account other RRs and reverse resolution, etc.). When we converted it into a flashing giant global billboard we screwed up. My .02 Jorge