DNSSEC support on Netlify

Thanks for chiming in, @jansvabik :slight_smile: I have added your voice to the feature request!

Please!!! How is this not a thing in 2021!!!

Hi @namelessshameless,

As already said above, we’d update the thread once this becomes available.

Understood, just casting my vote as 2 years on it’s still “Not saying it’s coming, will let you know if it comes”.

Is this still not implemented?

Yes, it’s still not available.

Is this still on the roadmap? It would be great to implement this!

Hi, @WhyDontYouWork. There are no active plans to implement this at this time. If this changes we will post an update here to let you know.

By the way, please do not crosspost the same question to multiple topics. It slows things down for our support team and doesn’t make the forum content any more useful.

If you could, would you please add my vote for DNSSEC support as well?

Thanks for the voice @amirhomayoun.

We’ve added your name to the list.

3 years later it’s still not a thing and you’re just adding peoples names to a list. Netlify is not good for security I guess.

Getting sick of saying to people yep there is a red cross next to your domain for dnssec because netlify sucks and doesn’t care about your security.

hi there,

i know it’s not the experience we want you to have - and i am asking again and trying to find out if this is likely to happen anytime soon (or ever). Please do keep the feedback coming, it is ideal if you can tell is why exactly you want DNSSEC and why this is a priority for you. The more information we have, the more compelling case we can build to advocate for work to be done on this.

1 Like

Hi Perry. Thanks for following up on this here.
I am on a free account, and cannot really complain about anything much. Netlify is awesome and I love using it! So, thanks for the very nice service!

As for DNSSEC, I want to enable it so that I can connect my domain to ENS (Ethereum Name Service), a blockchain name server, and they need the domain to have DNSSEC enabled first.

Having said that, I want to point out, that if the blockchain based technologies become a lot more widespread and exchanging equivalents of money occur more and more, being sure that you are being routed to the correct domain becomes even more crucial. I can think of DNS spoofing techniques that hacker can use to route you to the wrong domain, have their own blockchain addresses and have you send them money. And you will never even know.
I don’t know how difficult or time consuming it is for Netlify to implement this, but I just want to say, if it is a reasonable amount of effort, it might be a nice low hanging fruit that basically increases security, sounds good on paper and If nothing more, you just see green checks when running: https://dnssec-analyzer.verisignlabs.com.

Thanks again.

Email security. SMTP DANE requires DNSSEC to operate. So essentially anyone who uses netlify for their DNS has to take a hit in email security. I’m sure your customers having to trade their email security to use netlify is not something yo want surely?

And I mean it’s been 3 years now, if there are no plans to impliment it in the near future I think by now you owe it to people to come out and say it so they can consider finding an alternative with DNSSEC

hi there, i’ve passed your comments back to the team - all i can say is that it is not off the table, but i’m also not seeing any work for this prioritized. I understand it’s frustrating to hear that over and over again - believe me, if i, personally, could do more, i would.

I am a paying customer and would like to see DNSSEC implemented.

1 Like

There is still no DNSSEC support in 2022, nearing 2023. Is there any update on this? It should not take a lot of effort to enable it for all *.netlify.app domains, but has a big impact on security.

Hi @roni :wave:t6: welcome to the forums! We are so glad you’re here. :netliconfetti: We’ve passed your comments and similar comments on this thread back to the team. DNSSEC support is not not off the table, but i’m also not seeing any work for this prioritized. I wish I had a better update and I understand your frustrations.

1 Like

I have just migrated from an external DNS to Netlify DNS and was really disappointed to find out that DNSSEC is not supported.

I might have to migrate back until this is added.

1 Like