Domain no longer fully secure after move
Sandro
lists at penguinpee.nl
Wed Dec 14 18:13:39 UTC 2022
Hi,
I'm trying to understand what exactly is wrong with DNSSEC for my
domain, penguinpee.nl, before contacting involved parties.
I recently (last weekend) moved the domain to a new registrar. The keys
are now managed by the registrar directly. At least I don't see an
option providing my own or additional keys in their web interface.
Moreover, I'm no longer running my own DNS server. :(
Previously, I could set my own BIND server as a primary server for my
domain and have the registrar use AXFR to update the secondaries.
The DNSViz analysis for the current situation:
https://dnsviz.net/d/penguinpee.nl/Y5oJSw/dnssec/
And from before the move:
https://dnsviz.net/d/penguinpee.nl/Yq3P8w/dnssec/
Verisign has one single complaint: No DS records found for penguinpee.nl
in the nl zone.
IIUC, the details for the DS record have to be provided by my new
registrar, so SIDN can add them.
-- Sandro
More information about the bind-users
mailing list