Correct, what RFC2317 brings you is an example of you creating a new namespace in some structured format (IIRC, there are three different example formats given in this RFC), and you just have the upstream ISP, which has the reverse delegation done on the zone cut boundary for the IP ranges it controls, inserting a CNAME out to your new namespace on nameservers you control for the reverse PTRs, so the reverse PTRs can be formed that way.
Running a long-time ISP, I found extremely few customers who wanted to do something like RFC2317, or who could actually figure it out and do it effectively. Almost all were content with control panel/API and having the ISP do it after I pointed them to this informational RFC asking them if this is what they wanted.
I think part of the reason most ISPs don't support RFC2317 or reverse delegation is that it makes it easy for a bad actor who's in charge of the DNS server being delegated to, to spoof any domain they want. The consequences of this sort of spoofing have now been limited by other systems and protocols anyway, so it's not as big of a deal.
ISPs prefer to have direct control of the reverse lookups within their IP blocks so they can ensure the integrity of the information.
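Added example, not part of any comment above: it builds the CNAME and NS records an upstream ISP would place in its /24 reverse zone for an RFC 2317 style delegation, follows a lookup into the customer-run zone, and applies a forward-confirmation check to the returned PTR name. The function names, the 192.0.2.0/26 prefix, the example domains and the choice of forward confirmation as the check are assumptions of this example; all zone data is constructed.

```python
import ipaddress

def parent_zone_records(prefix, nameservers, sep="/"):
    """Records the upstream ISP adds to its /24 reverse zone (RFC 2317 style)."""
    net = ipaddress.ip_network(prefix)
    if net.version != 4 or not 24 < net.prefixlen <= 32:
        raise ValueError("expects an IPv4 prefix longer than /24")
    o = str(net.network_address).split(".")
    parent = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."
    child = f"{o[3]}{sep}{net.prefixlen}.{parent}"   # e.g. 0/26.2.0.192.in-addr.arpa.
    recs = {child: ("NS", list(nameservers))}
    for addr in net:                                  # one CNAME per address in the block
        last = str(addr).rsplit(".", 1)[1]
        recs[f"{last}.{parent}"] = ("CNAME", f"{last}.{child}")
    return child, recs

def resolve_ptr(ip, parent_recs, customer_zone):
    """Follow the ISP's CNAME into the customer-run zone and return its PTR."""
    owner = ipaddress.ip_address(ip).reverse_pointer + "."
    rtype, target = parent_recs.get(owner, (None, None))
    if rtype != "CNAME":
        return None                                   # address not delegated
    return customer_zone.get(target)

def forward_confirmed(ip, ptr_name, forward_a):
    """Accept a PTR name only if its own A records point back at the IP."""
    if ptr_name is None:
        return False
    return ip in forward_a.get(ptr_name.rstrip(".").lower(), set())

# Constructed sample data (documentation prefix and example domains).
CHILD, PARENT = parent_zone_records("192.0.2.0/26", ["ns1.customer.example."])
CUSTOMER_ZONE = {                                     # PTRs served by the customer
    f"10.{CHILD}": "mail.customer.example.",          # name the customer controls
    f"11.{CHILD}": "www.bank.example.",               # name the customer does not own
}
FORWARD_A = {                                         # constructed forward zones
    "mail.customer.example": {"192.0.2.10"},
    "www.bank.example": {"198.51.100.7"},
}

def check(ip):
    """Return (PTR name, forward-confirmed?) for an address."""
    name = resolve_ptr(ip, PARENT, CUSTOMER_ZONE)
    return name, forward_confirmed(ip, name, FORWARD_A)
```

The PTR for 192.0.2.11 resolves without error through the ISP's CNAME, which is why a consumer of reverse DNS should treat the name as unverified until the forward lookup agrees.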
Note, the CIDR RFC didn't come out until Sep 1993. Thus even brand new network equipment in the mid-1990s was still very classful.
And even then, knowledge of how to properly use /etc/netmasks in SunOS v4.x (or the equivalent if some other network stack even had one) was very scarce.
In the mid-'90s, SMBs connecting to the Internet would have very typically obtained a /24 from their ISP, and had a direct connection online, no firewalls, barely any proxy servers (although that was popular for some mid-sized customers that would have needed multiple /24s or even a /16 to get all their workstations online).
It wasn't until the company Network Translation, with the PIX, came about that anybody even considered doing private IP addresses in general as a firewall strategy with NAT translation using private IPs. And then it took years and years to become popular. Long bought by Cisco at that point.
I don't think Cisco IOS even had NAT until something like 10.2, when it was a premium license package.
For a very long time, Juniper led over Cisco for performance and features. After the run of the original Catalyst switches, Cisco was floundering, resting on their past successes without really pushing anything.
We bought Juniper gear at the time because nothing Cisco had would work well for us. At least not at any sane price point, and lots of restrictions/gotchas.
Cisco finally got their wind back eventually on their Nexus gear, catching up and running neck-and-neck with Juniper & Arista now.
I've stopped buying books from Amazon as _every_single_one_ comes with the corners dinged, the covers scratched, and oftentimes bent in half one way or the other.
If I happen to want a self-published-printed-by-amazon book (i.e. not available at any other store), I'll really think twice about it, as the quality is probably total crap. The last one I got had screenshots that were all unreadable (and the main content was mostly in the screenshots, without explaining text otherwise), and looked like it was printed at about 15 dpi.
OTOH, I've never had problems with BN or Bookshop.
I haven't had any trouble installing VMware security patches (I've done plenty).
As to why there seems to be such an increase in security patches, it's like the quote from Willie Sutton: that's where the money is. The largest target gets the most attention.
Everybody has bugs. While you may hide under the radar with using some lesser known things, don't fool yourself thinking that there aren't holes the hackers can weave their way through.
I don't remember exactly, but there were some issues where a security update would remove support for certain common (HP?) RAID controllers or something to that effect. So, if you're not careful, a security patch could potentially brick a server.
Hyper-V as most people actually use it is more like single-host VMware ESXi.
VMware's true magic is with vCenter. While Microsoft has an equivalent to that (SC VMM), nobody seems to use it because it is virtually unusable. I've never seen a successful production cluster of VMM running.