This would mean that you would allow us to upload our DNSSEC keys in the manager, so that your name servers can sign their responses, and prove authenticity of their responses.
Any news about when the service will be available?
Come on, we need the feature!
I too would like this.
Another vote for this.
Please, add it soon! We need it.
We are begging you!
This is a must-have feature. While I love DigitalOcean, I would really love to see DO support DNSSec.
I can't wait to use it.
Any date on this?
Please add this feature soon.
Really need it!!!
Really need it
Need it ? !
DNSSEC FTW 🚀
... Come on guys, just do it.
Have been so impressed by the DO droplets, would really love to have that with DNS but as DNSSEC isn't available, it means that DO's domain features are kind of useless if you have any serious thought about protecting your domains.
They even tweeted this a year ago and still haven't moved on it...
A response from the DO team would be appreciated.
It should be added it's 2018 and every other dns provider has it supported.
This idea request has been open for 5 years with no movement?
It's a downer that we don't have ability to use DNSSEC with DigitalOcean in 2018. Definitely something we're looking forward to in near future, don't disappoint us :=)
+1, please add DNSSEC!
How many votes are needed to move this into In Progress?
Please add DNSSEC to your servers
Please add. Will be most useful.
+100. Please add this. We'll be moving servers otherwise.
Please add this feature.
Please add DNSSEC to your servers!
We seriously need DNSSEC. Digital Ocean, do something.
The time has come to become a full service hosting provider!
Please just add DNSSEC to your servers
Why is this not done yet?
how can this not exist yet?
we still waiting
we still waiting! common
Come on DO lets make this happen
We are in 2018 and still nothing? Come on DigitalOcean!!
Please add it soon
yea do it
Given the world of privacy/security we live in now, this only makes sense to offer.
It would be very helpful if this functionality was added.
Please, add this to functionality
It's been 5 years. It's nearly 2018 guys. Time to resolve this technical debt.
Please implement this ASAP. This has been "Gathering Feedback" for 3 years now. My organization needs this to protect our DNS. Please!!!
I concur, this needs to be added ASAP for those who want a full security setup for their websites.
Most valuable thing to get done, IMO
Can't see the reason not to
has to be done
+1 yes, please add DNSSEC support! This is a very useful security feature
+1, I believe it is a crucial feature and may have reconsidered choosing Digital Ocean had I known this beforehand.
Yes, please add this. Some of us want to decentralize our data, but security needs to be a top priority.
+1. I am in a position where I have to choose between DO’s DNS for PTR records, and gcloud’s beta implementation of DNSSEC.
Gathering feedback from three years ago??? C'mon guys - get it sorted for us ...
I was planning on moving to Digital Ocean DNS, but then I found out there is no DNSSEC there...
Any update from DO?
+1, would be really helpful
+1. Yes, this will be a good security feature to have.
+1 Would love this feature!
i am surprised dig.ocean doesn't have this.
I support this. I'd love for my server to be further secured against unencrypted DNS attacks.
I'm suggesting to improve DO DNS system by adding the DNSSEC support.
DNSSEC protocols is designed to add security to the DNS to protect it from certain attacks, such as any data modification attack (e.g. cache poisoning). It's a set of extensions to DNS, which provide origin authentication of DNS data, data integrity and authenticated denial of existence.
Yes please! +1
Reverse delegation is not secure by DNSSEC. I believe. We can't choose our own nameservers for reverse delegation.
Please add this. It's so important!!
I need this feature please!
We require dnsec and I'm shocked digital ocean don't support it
I need this feature please!
Would love to see DigitalOcean advancing in this area.
CloudFlare provides full DNSSEC support in their API since Nov 2015.
Implementation of this feature in DO API would be very helpful to many DO customers
(seems as not so big effort due to DigitalOcean DNS manager API wrapping CloudFlare API).
Thank you for your time and cooperation in advance.
Please add DNS-Sec
I so need this!
Yes please add dnssec!
This is really needed.
Definitely something 100% needed! This is keeping me from transferring all of my business to DigitalOcean
+1. DNSSEC support would be nice.
Yes, please add DNSSEC support! It's important, because we're in 21th century...
Please add DNSSEC support to the DNS Manager Thank you!
Digital ocean has a tutorial about enabling DNSSEC with bind (https://www.digitalocean.com/community/tutorials/how-to-setup-dnssec-on-an-authoritative-bind-dns-server--2) but doesn't provide it in is own DNS manager...
Also digitalocean.com doesn't implement DNSSEC https://www.tlsa.info/detail/digitalocean.com
«Why DNSSEC and DANE/TLSA are important
As all DNS records are usually unencryped and unsigned, attackers can easily manipulate answers from any DNS server on their way to the recipient. With DNSSEC, the authoritative DNS server signs the records for its domains and makes it possible to validate that the domain data is authentic. More information about DNSSEC
Having DNS records signed with DNSSEC helps to solve a second problem: in the last years SSL based web encryption has shown more and more weaknesses. There are many root certificates from certification authorities in your operating system's or browser's trust chain. All of them are able to issue a rogue certificate for any domain, for example by pressure from the government or a secret service. This makes man-in-the-middle attacks against SSL secured websites and mail servers all too easy.
With DANE it is possible to store the fingerprints of the valid certificates in TLSA records within a DNSSEC signed zone. So you don't have to rely on certification authorities anymore but can verify the SSL certificate for yourself. More information about DANE»
After google push https as signal to get better search position, I think DNSSEC will be the next signal.
Excuse me my bad english.
I'm really surprised this idea got so little feedback. DNSSEC is important! Properly done, it would make HTTPS websites running with self-signed TLS certificates actually more secure (publishing the public key in DNS)!
please cast your vote here: https://digitalocean.uservoice.com/forums/136585-digitalocean/suggestions/3606733-implement-dnssec
You won't be notified about changes to this idea.