Wednesday, March 24, 2010

DNSSEC: More Security for Root DNS Servers

Via -

From today (Wednesday) at 5pm CET, the K DNS root server operated by the European RIPE internet registry will provide a DNS zone signed with the DNSSEC security protocol. Two hours earlier, the D-Root server operated by the University of Maryland will start returning signed responses. The E-Root server operated by NASA is scheduled to follow in the early evening.

This means that seven of the
13 central root servers which constitute the Domain Name System (DNS) responsible for domain name resolution on the internet will then return signed responses. On the sidelines of the 77th meeting of the Internet Engineering Task Force (IETF) in Los Angeles this week, the Internet Corporation for Assigned Names and Numbers (ICANN), VeriSign and the American National Telecommunications and Information Administration (NTIA) reported that so far the transition has been smooth.


For the time being, users will also still be able to access one of the remaining 6 root servers without DNSSEC. ICANN, VeriSign and the NTIA decided on this gradual transition as a precautionary measure.

No comments:

Post a Comment