Tests for correctness, self similarity, duplication of concerns, contradictory statutes, edge case detection, cruft or outdated laws that muddy the waters...
If the full compliment of software development practices were applied to legislation and ordinances we would be living in a very different world.
Jurisdictional laws don't work that way though. It's more like a script for improvised theater. Everybody get the same text, but no one gets the same performance twice.
They said same about video games but it turns out I didn't just want to play them, I also invested crazy amounts of time learning how to make them. Best time to spend crazy hours pursuing something you care about before the busy schedule of an adult saps all that away. It got me ahead. Not everyone just wants quick fixes.
The difference, I think (as an "over-user" of computers all throughout childhood) is that there were no basis for "they said same about video games", but there is a lot of basis for "social media is a net bad" now.
Do I believe the UK is doing this for the right reason or the right way? Absolutely not. But I also don't agree with the comparison of now and when I was a kid/teen.
I was playing brain dead Game Boy games when I was a kid and adults around me were saying games need to be outlawed because they're making my generation stupid. Now I'm a game developer and pretty happy with it.
Every generation has grumpy old people complaining about the youth. I see the dumb TikTok videos that grumpy old people complain about today, and they're about 2 steps above the absolute slop Gen X adults used to watch in the early 2000s: reality TV. Now grumpy old people watch political streamers saying we need to ban (new thing) because it's making kids stupid.
Well, I'm old enough to remember many "peace talks" go to eternity wit absolutely zero results. In many countries around the world. Just to create the argument.
Knot (as suggested by others) is good. As are BIND and PowerDNS. These are the big authoritative resolvers I think of at least, and all of them allow for basically hands-free DNSSEC; just flip a switch and you'll have it. I've run DNSSEC with all three and have no complaints.
And when using such turn-key DNSSEC support, I think there's very little risk to enabling it. While other commenters pointing out its marginal utility are correct, turn-key DNSSEC support that Just Works™ de-risks it enough for me that the relatively marginal utility just isn't a concern.
Plus, once you've got DNSSEC enabled, you can at the very least start to enjoy stuff like SSHFP records. DANE may not have any real-world traction, but who knows what the future may bring.
That is to say, if you misconfigure it, or try to turn it off, you will have an invalid domain until the TTL runs out, and it's really just not worth the headache unless you have a real use case.
> If bad actors can create valid tls certs they can solve the dnssec problem.
I think you have it backwards: by not running DNSSEC it can mean bad actors (at least a certain level) can MITM the DNS queries that are used to validate ACME certs.
It is now mandated that public CAs have to verify DNSSEC before issuing a cert:
If you mean MITM between DNS Server and CA (e.g. letsencrypt), thats on a level of BGP hacking (means for me government involved) and means they can just use a CA (e.g. Fina CA 2025 with cloudflare).
I think the risk didn't change much (except for big corp/bank).
If you're a masochist you can do it manually, just make sure you have a good grasp of whats going on first[1]
Simplistically you need a DS record at your registrar, then sign your zones before publishing. You can cheat and make the KSK not expire, which saves some aggravation. I've rolled my own by hand for 10 yrs with no dnssec related downtime
I cheer any decision that holds any private web property (like Facebook) accountable for it's user actions.
It helps to reduce hegemony of large social platforms and promotes privately owned websites. For example, I know everyone who has permissions to post on my website (or pre-moderate strangers comments), and is ready to take responsibility for their posts, what my website publishes.
Currently the legal stance seems strange to me -- large media platforms are allowed to store, distribute, rank and sell strangers data, while at the same time they claim they are not responsible for it.
If you haven't already, you should look at the court case that prompted the creation of the current legal framework of Section 230. Prodigy was sued because of the things being said in public chatrooms. Should the host for an IRC server be responsible for everything said on the IRC server? Should they pre-moderate all the messages being said there? Should dang premoderate every post on this site?
The reality is that people who cheer for this stuff are going to be unreasonably shocked when it comes to bite them later. Once the government's done going after the big guys, the little guys are next, and unlike the big guys, they can't absorb a few fines and judgments.
Ehm sorry but no. CRM stands for Customer Relationship Management so … a support ticket is, by definition, a customer relationship event.
Salesforce spending millions to conflate “CRM” with “sales pipeline” was just marketing.
Also, Zendesk calls itself a CRM. Freshdesk’s parent is literally named Freshworks CRM. Gartner and Forrester have always put support under the CRM umbrella.
Whenever a law is about to be changed/removed, run all the tests to make sure no regressions.
reply