Home / Industry

Registrar DNSSEC Implementation Cheat Sheet

At the Public Interest Registry, our continued commitment to security is rooted in ensuring our Registrars can protect their customers from attacks such as pharming, cache poisoning, DNS redirection, and domain hijacking. We recently announced that three of our registrars, GoDaddy, DYNDNS.com, and NamesBeyond, have adopted DNSSEC and are offering added security protection to their customers. To ensure that all of our registrars know what to consider as they plan out their DNSSEC implementation, I wanted to highlight a "Registrar Implementation Cheat Sheet," written by Shinkuro and Sparta that outlines operational considerations a Registrar should review, including important topics such as NSEC vs. NSEC3, Key Length, and Key Rollovers, as they plan their DNSSEC implementation.

The "cheat sheet," created with the help of our "Friends and Family Registrars," provides those that manage a name service for their customers, a reasonable set of DNSSEC configuration parameters. The goal is to identify configuration parameters that provide effective security without causing an undue burden on Registrars' authoritative name service infrastructure.

At last count twenty six have passed OT&E, as our Registrars begin to make DNSSEC implementation a reality for their sites, , this "cheat sheet" is a must read and will prove to be a valuable tool and guide to ensure that appropriate steps are taken.

Written by Lauren Price, Sr. Product Marketing Manager, .ORG, The Public Interest Registry.

About PIR


Public Interest Registry is a nonprofit corporation that operates the .org top-level domain – the world's third largest "generic" top-level domain with more than 10 million domain names registered worldwide. As an advocate for collaboration, safety and security on the Internet, Public Interest Registry's mission is to empower the global noncommercial community to use the Internet more effectively, and to take a leadership position among Internet stakeholders on policy and other issues relating to the domain naming system. Learn More

Related topics: DNS, DNS Security, Domain Names, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Officially Compromised Privacy

The Emotional Cost of Cybercrime

Why I Wrote 'Thinking Security'

Regulation and Reason

In Network Security Design, It's About the Users

Related News


Industry Updates – Sponsored Posts

Radix's .ONLINE Fastest to Sell 100,000 Domains

.PRO Domains Now Available to All

Computerworld Names Afilias' Ram Mohan a Premier 100 Technology Leader

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Protect Your Privacy - Opt Out of Public DNS Data Collection

The ".law" Domain Gains Momentum Throughout the Legal Profession

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

Measuring DNS Performance for the User Experience

LogicBoxes Announces Pioneer Registrar Program

Portfolio Update: October Launches and Renewal Rates

We're Moving Forward. You Coming?

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

City of Miami 3rd in U.S. to Launch Dedicated TLD

Internet Grows to 296 Million Domain Names in Q2 2015

.Online Becomes the Fastest TLD to Sell 50,000 Domains

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

.ONLINE GA Launches with 28,000 Registrations in the First 30 Minutes

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

.ONLINE Sees the Biggest Generic Sunrise Ever

Sponsored Topics