Leif Gustafsson <leffe...@gmail.com> wrote: > Your DS in .NET was missing at this point > https://dnsviz.net/d/enfer-du-nord.net/aAeeOQ/dnssec/.
> So You did solve it the correct way. (If You do not use autoprovisioning as > described in rfc8078 but i haven't found a way to do that in .NET TLD) Thanks for pointing me to this. I set this up when I started to use knot, then I found out that none of my TLD are capable of following RFC8078, and then I forgot to remove them. That I have done now. > I don't know how or why it was removed though but it is probably something > that happened at Your registrar. Yes :-( All of my 7 zones needed additional secondary name servers. And during this process of configure them in my registrar's GUI, their scripts obviously removed all zones' DS records in addition :-( Well, now I do have to look for a new registrar who knows how to provide DNSSEC services to customers running their own name servers. Any recommendations? Regards, Michael --
