The “DNSSEC Testbed for Germany” entered the decisive phase: From 2 March 2010 DENIC gives also second level domains under .de the opportunity to participate in the DNSSEC testbed and to record the related key material.
In this process, DENIC initially registers the Key Signing Keys used as Trust Anchor, and then publishes the corresponding DS records in the .de zone accessible in the testbed. Thus, for the first time, the participants in the testbed will receive DNSSEC-secured responses for the second level domains involved. This is a considerable improvement compared with the previous status.
After having successfully implemented the signed version of the .de zone in the testbed environment in January, DENIC now makes available in the second phase of the project interfaces for registering and administering the key material of the delegated .de domains. These new features are also supported by the information services “whois” and “domain query”.
To be able to participate in the testbed, domain holders must use a DNSSEC-capable name server software for their domain. This is an essential prerequisite. At the present moment, the implementation is primarily suited for domain holders who operate their own name servers. As in domain registration and administration, the Key Signing Key is registered by the Internet service provider or domain registrar who administers the domain. Thus, interested domain holders are requested to contact their providers directly and to consult them about their personal options for using DNSSEC.
For more details check out www.denic.de