.IN Domain is DNSSEC enabled or not
Laurent Bauer
l.bauer at mailclub.fr
Fri Jan 6 17:14:04 UTC 2012
On 06/01/2012 09:03, Kevin Oberman wrote:
> What this shows is that IN itself is signed in the root This is the
> first step in a TLD accepting DS records from sub-domains, but does not
> mean that they are ready to do so. You would really need to contact
> whoever manages .in and ask them if they are accepting keys. Also, even
> if you find a DS record in .in, it may not indicate that they are ready
> to open the doors to general addition of DS records. They may be testing
> and developing tools to handle them and have just a few test cases. I
> know that when I got a DS record added for a zone I handled that it was
> a mostly manual operation to test and confirm that things were working
> when the registry was not yet ready to accept DS keys in any standard way.
Hello,
Yes indeed, a testing phase has opened a couple of month ago, it looks
like the registry will soon be ready to accept DS :
http://www.registry.in/DNSSEC_Deployment
You might want to ask your registrar(s) if they plan to implement DNSSEC
with the .in registry.
Regards,
Laurent Bauer
More information about the bind-users
mailing list