Azure DNS needs DNSSEC support
DNSSEC is required to be able to secure your DNS requests. At the moment this is not available. We cannot move until our domains to Azure DNS untill these requirements have been met.
Anonymous
shared this idea
Thanks for the suggestion. We recognise the strategic importance of DNSSEC and it is a key feature on our long-term backlog.
DNSSEC represents a very large engineering investment, and hence we have to prioritize carefully vs other work. The most customer data we can get supporting the need for DNSSEC support, the better prioritization decisions we can make. We appreciate your votes and your comments.
50 comments
-
Jolly Chan
commented
DNSSEC is requirment from security area. Please enhance this feature on Azure DNS,
-
Anonymous
commented
Upvote
-
Rob Campbell
commented
DNSSEC is no longer optional, it is a requirement for any DNS service. The lack of support for DNSSEC by Microsoft and Amazon eliminate them as a serious option for DNS.
-
Harlow Burgess
commented
https://www.theregister.co.uk/2018/04/24/myetherwallet_dns_hijack/
Does Microsoft want to be in the headlines next?
-
peter rietveld
commented
Yes, must have, not a should have. RFC7030 would be a should have then, too, as an underpinning protocol
-
Jeffry A. Spain
commented
Google Cloud DNS https://cloud.google.com/dns/dnssec has implemented DNSSEC. Signing options and key rollover functionality are somewhat limited, but it's a good start, and it works.
-
André Melancia [MCT] commented
Any news on this? This is a requirement in many companies now.
-
Matthew Stevenson
commented
This is taking far too long. Been waiting for DNSSEC and more recently DANE for quite a while now!!! After moving all the domains over to Azure, i'm going to have to now move them off again to other providers to be able to achieve this realistically.
-
Anonymous
commented
-
Anthony Puca
commented
US OMB requires all US Government agencies to use DNSSEC for public DNS records. Hence, no US Government agency can use Azure DNS. If they do, they are violating a policy they will be audited against.
-
Sander
commented
Could you provide any ETA?
-
Anonymous
commented
Please, this is urgent!
-
Zonghe
commented
Upvote please
-
SecFirst
commented
Any ETA for this? This has been on the roadmap since atleast mid 2016.
-
Anonymous
commented
Would be one more feature to get customers to move their public DNS to Azure as well. Azure should support the latest security state of the art functionality here.
-
Michael
commented
Just adding my voice to request DNSSEC support.
-
Alfredo Cartagena
commented
Just another vote for this functionality. If this is in the near term roadmap, please advise as this might sway the decision...thanks!
-
Adam
commented
DNSSEC is critical for many regulated and government environments, both inside and outside the US. Obviously, customer can spin up a bunch of IaaS Windows/Linux VMs and do this themselves, but that's wasteful, and turns away customers. All the major DNS hosting providers have offered DNSSEC for years.
-
Ruud Rombout
commented
Nice to hear, and what about the support of DANE? Also DANE is required for Dutch municipalities!
-
Anonymous
commented
Dutch municipalities have to adhere to standards as set by the Dutch Government https://www.forumstandaardisatie.nl/open-standaarden/lijst/verplicht - without adherence no cloud solutions.