Implementing DNSSEC appears to be a bit tricky business

Not because of something in tech per se. But it appears that Domain registrars are more or less "challenged" with the question, that they could provide it for me.

The thing is: My DNS is handled by CloudFlare, who host and provide great security enabled services for Websites. For them, DNSSEC is business as usual.

But setting up that requires something from the Domain Registrar. I do not know what it means technically, but for me it shows up as "dnssec: true" in WHOIS data for the domain.

Both my domains .biz and .fi are registered under different registrars. .biz was a email chain for 1 week to get it done. It works now. The second domain is now in the works. First letter from registrar tried to tell me that their DNS is not up to the task, and that can't be done.

I know that, but I don't care: they do not provide the DNS for me in the first place. Well, such is life, and that is what the email was created for. I'm aware of claims that .fi domains could not have DNSSEC, but this might be changed: domain.fi talks about DNSSEC as a possible feature.

Comments

jarif's picture

I asked and they will bring support for elliptical protocols such as a 13 later after 4.9.16