A significant number of people don't use DNSSEC because they're tied to DNS services which don't support it. And that is an argument for creating more services without support for it?
I imagine the argument is that it's harder and they need time and it's not a critical component so it's better to bootstrap their business first. You know, entrepreneurship.
I don't buy it. They provide support for the "SPF" record type, but not "RRSIG". They would be equally simple to implement, yet DNSSEC would be hugely more beneficial.
I've never come across anyone using the SPF record type. nearly everyone just uses TXT for that.
I think DNSSEC was just an oversight on Amazons behalf. A mistake that they will hopefully fix in the not too distant future.
