Cloudflare is to my understanding using DNSSEC with DS records having algorithm 13, while PIR use algorithm 8. Is there any workaround for this or is DNSEC for .org domains just not supported at Cloudflare?
The .org can use a different algorithm to the child domains without problems. Do you have a reference to this “issue”. It might just be a limitation with your registrar.
No, it was a statement for rollover restricted to algorithm 8 made by PIR in 2020 and DNSSEC testing at dnsviz that also showed algorithm 8, which made me thought so. I haven’t tried yet and not asked the registrar yet, so this is still just research!
So it is excellent, if you say that likely .org can use algorithm 13. I have to use Cloudflare name servers and then provide the DS record from Cloudflare to my registrar (Loopia) after enabling DNSSEC at Cloudflare. Loopia support DNSSEC, but just not for .org. Actually they was the first registrar in the world to support DNSSEC!
By the way Cloudflare is fantastic!
When my .org was still at another registrar using Cloudflare DNS, I don’t recall having any issues setting up DNSSEC. Could vary from registrar to registrar, of course.
It’s at Cloudflare Registrar now so it’s even simpler. Not having to manually paste in a bunch of values to set up DNSSEC is nice.
It worked fine to setup DNSSEC for my .org domain with Cloudflare and I got an algorithm 13 DS record for Loopia! Thank you in helping me out with this!
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.