Without the proposition "Once we deploy it, any notion of solving the problem correctly dies", which you seem to repudiate here, much of the sound and fury on HN in recent days would evaporate.
People doing dumb shit on the internet is typically not a problem for me, so while the end-to-end argument suffices to dismiss DNSSEC as worthy of investigation, I remain confused by all the attention drawn to this. If it's all a CloudFlare marketing stunt, has no one heard of the Streisand Effect? If it's all an NSA email-reading effort, why don't they just keep reading our email in the same fashion they already do? Confusing...
I vigorously disagree that the "sound and fury" on HN is about DNSSEC sucking all the oxygen out of the DNS security problem. It is on its face a PKI that gives control over .COM keys to the NSA.
People doing dumb shit on the internet is typically not a problem for me, so while the end-to-end argument suffices to dismiss DNSSEC as worthy of investigation, I remain confused by all the attention drawn to this. If it's all a CloudFlare marketing stunt, has no one heard of the Streisand Effect? If it's all an NSA email-reading effort, why don't they just keep reading our email in the same fashion they already do? Confusing...