Registrar DNSSEC Implementation Cheat Sheet

Home / Industry

Registrar DNSSEC Implementation Cheat Sheet

	By .ORG (Sponsored Post) The Original Purpose-Driven Generic Top-Level Domain
	August 10, 2010 Views: 11,478

At the Public Interest Registry, our continued commitment to security is rooted in ensuring our Registrars can protect their customers from attacks such as pharming, cache poisoning, DNS redirection, and domain hijacking. We recently announced that three of our registrars, GoDaddy, DYNDNS.com, and NamesBeyond, have adopted DNSSEC and are offering added security protection to their customers. To ensure that all of our registrars know what to consider as they plan out their DNSSEC implementation, I wanted to highlight a “Registrar Implementation Cheat Sheet,” written by Shinkuro and Sparta that outlines operational considerations a Registrar should review, including important topics such as NSEC vs. NSEC3, Key Length, and Key Rollovers, as they plan their DNSSEC implementation.

The “cheat sheet,” created with the help of our “Friends and Family Registrars,” provides those that manage a name service for their customers, a reasonable set of DNSSEC configuration parameters. The goal is to identify configuration parameters that provide effective security without causing an undue burden on Registrars’ authoritative name service infrastructure.

At last count twenty six have passed OT&E, as our Registrars begin to make DNSSEC implementation a reality for their sites, , this “cheat sheet” is a must read and will prove to be a valuable tool and guide to ensure that appropriate steps are taken.

Written by Lauren Price, Sr. Product Marketing Manager, .ORG, The Public Interest Registry.

By .ORG, The Original Purpose-Driven Generic Top-Level Domain — Public Interest Registry (PIR) is a nonprofit that operates the .ORG top-level domain – one of the world’s largest generic top-level domains with more than 10.6 million domain names registered worldwide. PIR has been a champion for a free and open Internet for two decades with a clear mission to be an exemplary domain name registry, provide a trusted digital identity and help educate those who dedicate themselves to improving our world.
Visit Page

Filed Under

Comments

Commenting is not available in this channel entry.

The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.