I cannot set DS Records with my Registrar. Now what can I do?

holger · October 11, 2023, 11:53am

I have a big problem with the new requirement to set DS or DSKEY records: the registrar of my domains (Freenom) does not offer this option. I can set a NS record, that’s it.

I fear the currently - quite nice - e-mails might change soonish to “do what we request or your domain gets suspended”. I would like to do that, but as I said, they don’t offer that feature.

So what now!? It would be great to exclude hobby projects or domains hosted by … not the best registrars in the world … from your rule.

peter · October 11, 2023, 12:05pm

Hi holger,

Thanks for your message, and welcome to deSEC!

Regarding your question, please see [deSEC] Action required: Insecure domain. In short, don’t worry too much, but we appreciate if our users make an effort to have DNSSEC enabled, if their TLD registry supports it.

Stay secure,
Peter

holger · October 11, 2023, 12:21pm

Awesome, thank you Peter, … I was a bit worried =)