Not making it red would downplay the "SEC" part in DNSSEC.
We already have some privacy metrics in addition to tracking cookies, and there will be more. All are important at the same time.
Not making it red would downplay the "SEC" part in DNSSEC.
We already have some privacy metrics in addition to tracking cookies, and there will be more. All are important at the same time.
"Important" according to whom? A tracking cookie is trivial to fix (or to automagically disable for the more tech savvy citizens). Email being hosted by an untrusted foreign corporation is way harder to fix and impossible to bypass as a citizen trying to contact their government.
The effort required to fix tracking cookies is sometimes astounding, while migrating to another email provider is trivial.
This depends on how well the organization handles change and various complexities. Having great technical staff makes things easier, and throwing money at the problem can also help.
Just to give an anecdote: I've had people crying on the phone because their "solutions provider" could not get TLS to work on their www domain despite spending 5,000 euros or so.
I'd have hoped in 2026 that anyone publishing this type of report would understand that DNSSEC isn't helping anything, and is generally considered to be actively harmful to enable. I'd suggest doing a bit more research and dropping the DNSSEC stuff, or reversing it entirely.
DNSSEC is more likely to self-DoS yourself than protect against an attack, unfortunately.
as exemplified by the recent .de outage https://www.theregister.com/networks/2026/05/06/denic-sorry-...