Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Off-topic
  3. DNSSEC - pros, cons?

DNSSEC - pros, cons?

Scheduled Pinned Locked Moved Off-topic
4 Posts 3 Posters 1.0k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • humptydumptyH Offline
      humptydumptyH Offline
      humptydumpty
      wrote on last edited by
      #1

      Has anyone set up DNSSEC before? Is it worth the hassle and what are some cons you've come across?

      My domains are hosted with NameSilo and I'm using DNSMadeEasy to manage my domains that point to a VPS with Contabo.

      In my NameSilo account, I found the area where to add the DNSSEC keys/info and according to my search, it seems I need to get those keys from my VPS host (Contabo). However, I'm not sure if it would work since I use a middleman (DNSME) to manage my DNS.

      A penny for your thoughts!

      1 Reply Last reply
      0
      • mehdiM Offline
        mehdiM Offline
        mehdi
        App Dev
        wrote on last edited by
        #2

        Don't bother. Basically, it's useless, as clients do not rely on it, sadly 🤷

        humptydumptyH 1 Reply Last reply
        2
        • mehdiM mehdi

          Don't bother. Basically, it's useless, as clients do not rely on it, sadly 🤷

          humptydumptyH Offline
          humptydumptyH Offline
          humptydumpty
          wrote on last edited by
          #3

          @mehdi That's a shame. Thanks!

          1 Reply Last reply
          0
          • G Offline
            G Offline
            gml
            wrote on last edited by
            #4

            I use it, in combination with DANE for certificate pinning in DNS.
            mehdi is sort of right - clients dont really use it, some mail providers do. But I know of no one that enforces it (by dropping e-mails or traffic).

            I use a browser add on in Firefox that displays me the DNSSEC and DANE status of webpages I'm visiting. With the add on I know at least something is odd when it fails on my own pages / domains.

            1 Reply Last reply
            2
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes


              • Login

              • Don't have an account? Register

              • Login or register to search.
              • First post
                Last post
              0
              • Categories
              • Recent
              • Tags
              • Popular
              • Bookmarks
              • Search