Task #1478: implement DNSSEC [Postfix client + domain later] - Infrastructure - The Document Foundation Redmine

Actions

Copy link

Task #1478

closed

implement DNSSEC [Postfix client + domain later]

Added by Florian Effenberger about 9 years ago. Updated over 7 years ago.

Status:

Rejected

Priority:

Normal

Assignee:

Guilhem Moulin

Category:

Domains and DNS

Target version:

Team - Qlater

Start date:

Due date:

% Done:

Tags:

URL:

Description

We should look into migrating to DNSSEC.
Florian privately made some good experiences with core-networks.de (signing is super-easy, they just lack an API for zones which we haven't used anyways in the past)
There's a sponsoring offer on the table for backup DNS.
An idea would be to have core-networks as main DNSSEC provider, and take advantage of the sponsoring offer as mirror/fallback (secondary zone with AXFR).
I'd start with less-prominent domains first to gain some experience.
I would, contrary to the initial scope of the ticket, not consider hosting DNS on our own.

Actions

Copy link

Updated by Dennis Roczek about 9 years ago

Category set to Domains and DNS

Actions

Copy link

Updated by Florian Effenberger about 9 years ago

Subject changed from onw DNS incl. DNSSEC to own DNS incl. DNSSEC

Actions

Copy link

Updated by Florian Effenberger almost 9 years ago

There's www.core-networks.de which I've been using for testing. Sounds interesting, though it lacks an API it seems
I'm reluctant to switch DNS providers "just" to have DNSSEC, but maybe having one that does the DNSSEC magic and another one that just mirrors the zone could be an idea

Actions

Copy link