Are you familiar with the CAP theorem, or do you believe that it's impossible for one query to a globally distributed database to get a different answer for the same question than every other query?
Every time someone tells me that DNSSEC tampering would be "detectible", it always seems premised on the idea that everyone sees the same data. Of course, attackers will isolate their targets and attack them surgically.
What's worse, none of what you're talking about is cryptographic. This is protection by dint of being lucky enough to be on the right part of the network to be hard to attack. No sound cryptosystem works like that.
Every time someone tells me that DNSSEC tampering would be "detectible", it always seems premised on the idea that everyone sees the same data. Of course, attackers will isolate their targets and attack them surgically.
What's worse, none of what you're talking about is cryptographic. This is protection by dint of being lucky enough to be on the right part of the network to be hard to attack. No sound cryptosystem works like that.