When your needs are simple, or the about the same as most other people, the biggest challenge you’d have is trying to differentiate between the many dozens of providers you could sign up with. However, if you’ve something very specific that you need, then the challenge becomes finding any provider at all that will work for you.
I’ve been very happy with Namecheap. I’ve consolidated my domains with them many years ago, having bid goodbye to GoDaddy who, perhaps are overall a fine domain registrar, annoyed me enough over SSL cert problems to seek alternatives.
This time, it’s Namecheap. They’ve been really good. They did just about everything I needed them to do. Support was great. Then signs of trouble surfaced when I wanted to implement DNSSEC on my domains.
In January 2017, I contacted Namecheap tech support. Namecheap claimed to support DNSSEC. The web portal showed a switch to enable DNSSEC. I turned that on, but DNSSEC was not correctly provisioned. That was one year ago.
I was optimistic, and had expected the problem to be resolved within one hour. But after many tickets, many days, dragging on for weeks, then months, I eventually gave up bugging them in March 2017. Prior to that, each time I bugged them for an update, I get some variation of this:
First of all please accept our deepest apologies for a delay in the resolution of this issue.
To our deepest regret, our Engineering team is still working on the resolution of the issue and currently we are not able to provide any significant updates. We deeply apologize for the inconveniences you are experiencing regarding this matter and would like to assure you that we will not stop working until we find a solution.
Please rest assured that your issue was not forgotten and we will immediately inform you via this ticket as soon as we have any updates.
It must either be that they’re not interested to work on my issue at all, or they have a completely, hopelessly, incapable, engineering team.
I was getting no where, so as you can imagine, I decided to just let it be. Namecheap has otherwise been really good.
One year on, I see more people are adopting DNSSEC. I decided it was time to check out Namecheap again. DNSSEC was still broken. I contacted support, and referenced my old ticket. I should mention now that my last ticket is still open, and Namecheap has not once contacted me again since March 2017, despite their last message saying, among other things:
We fully understand you in this situation and would like to assure you that we are constantly monitoring the case. Every customer is of the great value for us and usually we are trying to do our best in order to match with the expectations of our clients.
I’m sure it was easy monitoring this case, because they probably had internally marked the ticket as “won’t fix”, so there isn’t anything to monitor.
Anyhow, it’s January 2018 now. Would you believe it, this is what the live chat agent tells me:
I have checked the case thoroughly and regret to let you know that the issue is still being investigated by our technical team.
Seriously, still no progress? I could just picture the chat agent sitting there stone-faced relaying this ridiculous emotion-less status update. Of course I was really mad, and I let the agent know my frustration. I demanded some explanation. But all I got eventually as a follow-up to the 2017 ticket was:
To our deepest regret, the issue is still being investigated at the moment.
You see how it’s like I’m stuck in a loop?
To be fair to Namecheap, their DNSSEC is not 100% broken. It does apparently work for some customers, the proportion of which I don’t know. In fact, it also does work for this blog domain zitseng.com. But it doesn’t work on another domain I have. That’s the one I’ve been bugging them about since January 2017. Still, seriously, it’s been one year, that ticket remains unresolved.
I know, most people don’t know, don’t use, or don’t care about DNSSEC. That’s fine. But it seems for people who care about some particular, not-yet-so-widely adopted feature, it’s hard to find a competent domain registrar.
Another relatively simple thing I want is support for CAA record type. It’s comparatively far simpler than supporting DNSSEC, because CAA is just another resource record. Namecheap doesn’t support that, and looking through their forum, they’ve been telling customers for a while they’re looking into that but do not have any ETA to share.
I start to wonder if things have completely stagnated at Namecheap. Frozen in time. What works, good for everyone. What doesn’t work, won’t get fixed. What isn’t there now, won’t ever come.
So it seems now for me I need to find a competent registrar with DNSSEC and CAA support. GoDaddy came back on the radar again. They support fully-managed DNSSEC only on their Premium DNS service, unfortunately. I honestly don’t mind paying a bit more for DNSSEC, but the price GoDaddy is asking for their Premium DNS is too much for just DNSSEC. I would consider self-hosting in that case, and that’s indeed an option I’m exploring.
I’m evaluating one competent registrar now and will update in due course once I’m satisfied with them. Follow this blog for updates!