OVHcloud Community

Welcome to your community space. Ask questions, search for information, post content, and interact with other OVHcloud Community members.

How to upgrade DNSsec algorithm for domains?


#1

Hello!

I registered several domains with OVH. Some of them over 10 years ago :wink:

Now I’m in the need to upgrade the DNSsec algorithm for my domains from 7 or 8 to at best 13, since RSASHA1 and RSASHA1-NSEC3-SHA1 are severely wounded.

I’m fearing my MX-servers getting blocked for using such old algorithms. Victor Dukhovni asked OVH for upgrading their old algorithms in 2020-01-10 via Twitter, but got no reaction from OVH-staff :frowning:

What have I to do to get the DNSsec algorithms upgraded? Write a support ticket for each of my domains?

I know a ZSK&KSK-key-rollover isn’t an easy job to do, but OVH is DNS-provider for myriads of domains… so they should own a plan or strategy for this!

I guess I’m not the only OVH-customer who uses DNSsec and the domains are signed by old algos, which want’s to have a correct DNSsec-setup for their servers.

Cheers from Germany
Christoph.