Decommissioning the DLV

Completed as of September 30, 2017

Update, September 30, 2017: The DLV contents have been replaced with a signed empty zone. There is no longer any need or benefit to querying the DLV.


The ISC DLV Registry has been available since 2006, and ISC has been happy to provide the service. However, due to the great progress that native DNSSEC has made, we have decided that it is time to wind down the project. It has served its purpose well.

If you have a zone that can be properly validated to the root, please do that. It helps everyone. If you’re not sure if your zone can be validated, we recommend you try the DNSViz tool. If you have a zone already in DLV that could validate properly to the Root, we’d like you to remove it from DLV. For now, these are just requests.

In 2016, we plan to stop accepting zones that could validate to the root, and will remove from the DLV any zones that already do. We will remove all records from DLV in 2017, but leave the (empty) service running.

We thank everyone who has participated in this project, and encourage everyone to sign their zones and publish their zones with native DNSSEC!


We discussed our plans at ICANN in February in Singapore, at DNS-OARC and RIPE in May in Amsterdam, and at NANOG in San Francisco in June. The feedback from those groups was very positive in favor of moving ahead with this timeline. There are a few more details in the presentations linked below.

ICANN 52, Sunset for the DLV– Vicky Risk, Director of Marketing February 9, 2015
RIPE 70 – Sunset for the DLV– Jim Martin, Director of Operations May 13, 2015
We have directly notified those operating system distributors of BIND that we are aware of, as well as the Unbound team at NLNET Labs. If you know of other organizations we should notify, let us know at dlv@isc.org.

Recent Posts

What's New from ISC