Hi Benoit
We encountered the same issue. DNSSEC records get removed on transfer and have to be re added afterwards. (As it is with all Domain Information (Owner, Admin, DNS Records etc)
I have not tried yet to register two domains with the same key, as all our domains have different keys anyway.
Regards
Matthias
On 11/05/15 14:18, Benoit Panizzon wrote:
Dear Swinogers
https://docs.google.com/spreadsheets/d/1UWK6ijLCiLXSIuTT4sS_h0zCqPMCjjhry0b yQprysts/edit?usp=sharing
Hmm, I'm now also forced to transfer my domains to a new registrar :-). I had to select one of the few that support DNSSEC and IPv6 Glue Records and publish IPv6 addresses for their own DNS Servers.
But the transfers is a big bumpy... First I got a duplicate key error, related to the fact, that I signed all my domains with the same key. That was not a problam at Switch, but the new registrar claims my domains need a unique key each, for which I can manage the glue records _after_ the transfer.
The registrar tells me, Switch does not support transfering signed domains. In case of a .ch domain, the 'SEC' key would need to be removed prior to the transfer.
The switch 'transfer' helpdesk told me, that they have not yet heard about that problem and transfering signed domains should not be a problem. But I got the feeling that the agent was not so well informed about the topic DNSSEC.
So did anyone succeed to transfer a signed domains from one registrar to another? Or is it mandatory to first remove the DS glue records at switch?
PS: At IMP we also ended up with multiple copies of our 'DNS Admin' Switch NIC handle at the different registrars to which we have no access anymore because those handels are now owned by customer who transfered their domains.
Wouldn't it be a future improvement to have some kind of handles shared by all the registrars? Solved by openid or a similar technique?
Mit freundlichen Grüssen
Benoit Panizzon