Discussions

Google Gemini says that Control D can generate HTTPS resource records to ensure that HTTPS is used immediately and exclusively, but on my "Some Control" plan I can only modify A/AAAA/CNAME records and that capability isn't advertised for the "Full Control" tier, so I assume Control D doesn't actually have this feature.

Use Case: The vast majority of important domains currently don't have HTTPS RRs, surprisingly. Or they have HTTPS records for the landing page but not the actual app page (e.g., www.fastmail.com and app.fastmail.com).

Would also be useful to show in the UI when HTTPS records are present (e.g., make the activity log show them in green or something), to see which domains can and can't be downgraded by a MITM attack and where advocacy needs to be done.