I transferred my domain to Njalla

Almost a year has passed since I bought a new domain name using the privacy-aware domain registration service from Njalla. Based on my experience with the service, I felt confident enough to go ahead and transfer my primary domain from Namecheap to Njalla.

Transferring a domain to Njalla
Fast forward an hour and Njalla becomes the new legal owner of paranoidpenguin.net… exciting times huh? So legally Njalla owns the domain name, but they grant you (me) full usage rig hts to the domain (including transfer of ownership).

This is where trust becomes part of the equation, but that is to some extent the case with any sponsoring registrar or reseller. As I have good faith in the people behind Njalla based on their previous ventures, I won’t be losing (too) much sleep over this decision.

Why isn’t a regular domain privacy service enough?

If you (unlike me) have a strong need for privacy and protection, then you should be aware that domain privacy services usually come with a similar worded disclaimer:

We expressly reserves the right, in its sole discretion and without any liability to you whatsoever, to suspend or cancel your use of the Service and/or reveal the Registration Information in any public WHOIS search or to any third party at any time without notice to you

Right, that won’t protect anyone from more than spambots choking on already available WHOIS data.

Why leave Namecheap?

Strictly speaking, my adversaries are advertisers, social media companies and tech giants harvesting personal data, so the hardened privacy Njalla provides is definitely welcome, but it’s not an absolute requirement in my case.

I do however share Njalla’s conviction regarding the right to privacy and anonymity for all, so by paying for their services I feel like I’m making a small contribution towards that goal.

I would also like to mention a few technical issue I experienced with Namecheap and their BasicDNS service in particular. BasicDNS doesn’t provide CAA or SSHFP records and I was even unable to add a 2048 bit DKIM key TXT record. The DKIM issue forced me to downgrade to 1024 bit keys after wasting valuable time troubleshooting my email service.

Njalla on the other hand provides a far better DNS service already included with their domain service.

Njalla - DNS management

Getting my DNS records ready while the domain is pending tranfer.

Downsides with Njalla?

I should probably mention the lack of DNSSEC support which I previously had enabled on my domain name with Namecheap. However, that’s a sacrifice I’m willing to make. DNSSEC won’t be useful until adaptation reaches a 100% and every DNS resolver implements it, which will effectively be never.

DNSSEC can also be difficult to implement as I experienced after enabling it with a “simple click of a button” with Namecheap. Unfortunately the key and signatures were never published to the zone file, thus rendering paranoidpenguin.net a nonexistent domain name for any visitor behind a DNS resolver with DNSSEC support.

Namecheap - DNSSEC

Namecheap DNSSEC zone signing failure rendering paranoidpenguin.net nonexistent.