.com DNSSEC operational message

Matt Larson mlarson at verisign.com
Fri Jan 28 13:58:56 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Over the next several weeks, Verisign will deploy DNSSEC in the .com
zone.  This message contains operational information related to the
deployment that might be of interest to the Internet operational
community.

The .com DNSSEC deployment consists of the following major milestones:

February 26, 2011: The .com registry system will allow
ICANN-accredited registrars to submit DS records for domains under
.com.  These DS records will not be published in the .com zone until
the .com zone is actually signed.

February 28, 2011: A deliberately unvalidatable .com zone will be
published.  Any DS records for .com that have been submitted by
registrars will be published in the deliberately unvalidatable zone.

March 31, 2011: The .com key material will have been unobscured over
the course of the preceding several days and the .com zone will now be
usable for DNSSEC validation.  DS records for .com should appear in
the root zone on this day.


If you have any questions or comments, please send email to
info at verisign-grs.com or reply to this message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)

iQEVAwUBTULLoNdGiUJktOYBAQLgewgAkGWNabyhkidMp5Y/58yDl90td1PFd7X7
Q3rQNAeWOrbJFrMuLoBbmKpfk68c4MjIYzCTKwdER84Jj4MRxbNiDgsMpk3+Br5R
qM3NdskB9AwZ90foPU4MPDw8IvBK7SsOHltsf5eyLGbKkoNPBzcDiK3woSTX2XbR
xTwOlAHTMdF1IP5o3ytca3a4BwqeRmrErAJGDVlWvbK3KPeV9iDWa+jCkoFTcDD8
6p3syOjimnaJnagRPnm5HodeNb9gH2SVZqKHczKBsapxL5wga2MIAowdmBwzL1Wi
DuUzTg5eWx7tG0F112lAyHDCFhil7KLHllree/dqXyyic7paV0e1uA==
=bGtT
-----END PGP SIGNATURE-----




More information about the NANOG mailing list