Let’s Encrypt always verifies DNSSEC. There are some cases CAs are permitted to not, but it is simpler for us and everyone to just always validate. We do not require domains to be DNSSEC signed.
Let’s Encrypt always verifies DNSSEC. There are some cases CAs are permitted to not, but it is simpler for us and everyone to just always validate. We do not require domains to be DNSSEC signed.