DNSSEC is a great thing that, unfortunately, was not easy to implement, and therefore the vast majority of web domains or DNSs do not take advantage of this security advantage.
Domain Name System Security Extensions or shorter DNSSEC is an Internet security protocol designed to detect and stop interception and change data on authoritative servers. DNSSEC provides the Internet user with the credibility that the website he or she visits is truly the same as the one he or she typed into the web browser.
The introduction of DNSSEC is a long-term strategy for ensuring a higher level of Internet security, and its introduction not only protects users and their data, but also helps build a more secure global system.
Who can / should use it?
Internet users do not have to take any further steps. If your ISP supports DNSSEC then you are protected and security checks are performed on the DNS servers of the ISP.
To start, read short instruction and follow them up through instruction pictures below.
So, first you need to visit your DNS zone within GCP panel. Then enable DNSSEC by clicking ”on”.
Google Cloud DNS will create DNSSEC records for a “key Tag, Algorithm, Digest type, and Digest” which are alone needed for registrar. Then open the zone you have your record sets. Next, open your “Registrar setup” link, and there you will find all necessary information which you need for your registrar. So, after enabling DNSSEC for your zone, you must activate DNSSEC at your registrar.
My registrar is Namecheap, and there is an Advanced DNS panel where you insert your information from google.