Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Off-topic
  3. DNSSEC - pros, cons?

DNSSEC - pros, cons?

Scheduled Pinned Locked Moved Off-topic
4 Posts 3 Posters 703 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • humptydumptyH Offline
    humptydumptyH Offline
    humptydumpty
    wrote on last edited by
    #1

    Has anyone set up DNSSEC before? Is it worth the hassle and what are some cons you've come across?

    My domains are hosted with NameSilo and I'm using DNSMadeEasy to manage my domains that point to a VPS with Contabo.

    In my NameSilo account, I found the area where to add the DNSSEC keys/info and according to my search, it seems I need to get those keys from my VPS host (Contabo). However, I'm not sure if it would work since I use a middleman (DNSME) to manage my DNS.

    A penny for your thoughts!

    1 Reply Last reply
    0
    • mehdiM Offline
      mehdiM Offline
      mehdi App Dev
      wrote on last edited by
      #2

      Don't bother. Basically, it's useless, as clients do not rely on it, sadly 🤷

      humptydumptyH 1 Reply Last reply
      2
      • humptydumptyH Offline
        humptydumptyH Offline
        humptydumpty
        replied to mehdi on last edited by
        #3

        @mehdi That's a shame. Thanks!

        1 Reply Last reply
        0
        • G Offline
          G Offline
          gml
          wrote on last edited by
          #4

          I use it, in combination with DANE for certificate pinning in DNS.
          mehdi is sort of right - clients dont really use it, some mail providers do. But I know of no one that enforces it (by dropping e-mails or traffic).

          I use a browser add on in Firefox that displays me the DNSSEC and DANE status of webpages I'm visiting. With the add on I know at least something is odd when it fails on my own pages / domains.

          1 Reply Last reply
          2

          • Login
          • Don't have an account? Register
          • Login or register to search.
          • First post
            Last post
          0
          • Categories
          • Recent
          • Tags
          • Popular
          • Bookmarks
          • Search