Multiple people, including myself, have reported on Twitter that Namecheap had a DNSSEC outage a day ago which caused an unknown number of domains to stop being resolved by major DNS resolvers including Google 8.8.8.8, Cloudflare 1.1.1.1, and Verisign 64.6.64.6. Some are still down today, presumably due to downstream caching.<p>I do not mind that they had an outage. What I do mind is their response to it. They still have not acknowledged the problem on their status page, and they refuse to provide any post-mortem.<p>I searched on Twitter and this problem seems to be occurring yearly. I have serious concerns about how they run operations, DNS should be mission critical for a registrar.<p>Which registrar takes DNSSEC more seriously, where should I move my domains?
A very simple prophylactic for this kind of problem: <i>don't use DNSSEC</i>. I'm sure this sounds like snark, but it's the best DNSSEC advice I think exists in 2019.
You can keep Namecheap as a registrar but use a different DNS provider.<p>I have Namecheap for registrar and Cloudflare for DNS, another provider with solid free service is NS1.<p>At that point the only interaction in terms of DNSSEC you have with your registrar are managing the DS records with your parent zone. Namecheap fortunately does this with a web form, whereas I've seen others require it through email/support ticket.