DNSSEC Information & Tools
When the intention to implement Domain Name System Security Extensions (DNSSEC) within the .ORG zone was announced, .ORG, The Public Interest Registry set out to gather information for its community of registrants and users. We've built an extensive area of resources and information to better acquaint the .ORG community with DNSSEC and its efforts to better secure the Internet's infrastructure.
If you have resources or tools for DNSSEC that you would like to add to this website or if you have suggestions or comments about our current DNSSEC information, please contact us at resources (at) pir (dot) org.
DNSSEC - Everything You Want to Know and More
We have created an informational guide to give detailed information on the Domain Name System (DNS) and DNS Security Extensions (DNSSEC).
Protect Your Web Address Today
Everyone should use DNSSEC, but most importantly, large financial institutions. These include credit unions, associations or nonprofit organizations that have online donations coming through their website, a large domain name portfolio holder who wants to ensure traffic goes to their website or any other .ORG domain holder that has highly sensitive data transactions occurring on their websites.
Just imagine how disastrous it would be if you or your organization became the victim of a cache poisoning or domain hijack attack? Protect your hard earned online reputation today with DNSSEC.
DNSSEC Readiness Resources
We have posted resources for companies within the DNSSEC Chain of Trust who want to be DNSSEC compliant. Please click on the documents below to ensure you and your company are able to provide authenticated DNSSEC services.
DNSSEC Impact on Broadband Routers and Firewalls
To assess potential impact of DNSSEC on broadband consumers, Nominet (the .uk registry) tested two dozen residential Internet router and SOHO firewall devices commonly used with broadband services. Download the PDF document for the full report. Source: Nominet (PDF Document, 320 KB)
DNSSEC Checklist for Internet Service Providers
Click on the link above for a readiness checklist document for ISPs to implement DNSSEC. (PDF Document)
Do you have documentation, information, or recommendations for companies and technologies within the chain of trust? Contact us at resources (at) pir (dot) org with your feedback.
Recommended DNSSEC Resources & Websites
Please see these additional resources for information about DNSSEC and its implementation.
DNSSEC Technical Information and Documentation
The core of the DNSSEC specification is described in the following RFCs:
RFC 5910: Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP)
RFC 4033: DNS Security Introduction and Requirements
RFC 4034: Resource Records for the DNS Security Extensions
RFC 4035: Protocol Modifications for the DNS Security Extensions
RFC 4641: DNSSEC Operational Practices
RFC 5155: (March 2008) introduces an alternative resource record, NSEC3, which provides additional measures against zone enumeration and permits gradual expansion of delegation-centric zones.