Comment by elric
3 hours ago
Colouring an area red because they don't have DNSSEC enabled on a domain seems excessive.
A nice addition would be to add who is hosting their email. First handful I've looked at are all outlook.com, which seems a much bigger privacy & security risk than not using DNSSEC.
> A nice addition would be to add who is hosting their email.
Something like this? https://livenson.github.io/mxmap/
A few countries have those, here's a Github repo of the Swiss one (has a list of forks in there too): https://github.com/davidhuser/mxmap
Not making it red would downplay the "SEC" part in DNSSEC.
We already have some privacy metrics in addition to tracking cookies, and there will be more. All are important at the same time.
"Important" according to whom? A tracking cookie is trivial to fix (or to automagically disable for the more tech savvy citizens). Email being hosted by an untrusted foreign corporation is way harder to fix and impossible to bypass as a citizen trying to contact their government.
I'd have hoped in 2026 that anyone publishing this type of report would understand that DNSSEC isn't helping anything, and is generally considered to be actively harmful to enable. I'd suggest doing a bit more research and dropping the DNSSEC stuff, or reversing it entirely.
[dead]