Yepoleb

My Experience with deSEC

I wanted to move away from Cloudflare as my DNS provider, because over the last few years they have lost their good-guy image. Before them I used Namecheap, which was a much worse experience (at the time). So I went looking and deSEC seemed like a good choice: free, open source, developer-focused and committed to modern standards.

The account creation process went fine. When I wanted to add my domains I hit the first issue: there is an initial limit of 1 domain per account. Right below is the note “Contact support to apply for a higher limit.” There is no mention of this before signup and no further information on who qualifies for a higher limit. Not wanting to deal with support before even using their service, I gave up for the next 8 months.

Recently, feeling extra motivated, I gave it another try and contacted support. I was told that they are happy to increase my domain limit, as long as I plan to activate DNSSEC on all of them. Also I need to write from the correct email address associated with my account, which later turned out to be a mistake on their part, as I was using the correct address.

Since two of my domains are currently registered with Hetzner, I can’t enable DNSSEC on them, because they lack support for it. On another domain it should be possible and I would enable it. I wrote back explaining the situation and got the response that their mission is not to provide free DNS hosting, but to increase internet security. Therefore all domains are required to establish a DNSSEC chain of trust or they will be removed as per §4 of their terms of use. When I read them, I assumed it would only apply where technically possible, but apparently that is irrelevant. I was offered a recommendation of a compatible registrar to transfer my Hetzner domains to, which I accepted in my next follow-up email.

The recommended registrar was a4a.de, operated by Peter Thomassen, one of the team members of deSEC. This was openly disclosed in the email. At a price of 20.40€ a year for an .at domain they are about twice as expensive as Hetzner at 11€ though. Also I’d have to order by email, which is slightly annoying. I was not convinced of the offering.

So three emails in, my domain limit is still 1 and I wouldn’t even be allowed to add the other ones, since they don’t support DNSSEC. At least the support contact was very responsive, only taking about a day to respond to each message. But I probably won’t use them in the future, because I don’t like the security-above-everything-else attitude. That they’re willing to cancel someone’s service for not meeting their security standards makes me worried that it could accidentally happen to me.