Last week was a great time at ICANN 38 and a huge step for DNS. The organization behind .org, Public Internet Registry, launched live DNSSEC registrations. Always pushing DNS further, Dyn Inc. is one of three registrars who already support DNSSEC for users who want to use DNSSEC for their domain names. This technology is like HTTPS for DNS (all the authentication but no encryption – DNS data is public).
Within a few years, this will be a standard part of DNS but we’re happy to bring it to you now. With the upcoming DNS root being signed and other TLDs announcing support for DNSSEC, this is a topic you will be hearing more about. Like HTTPS, Web servers need to have certificates and then browsers and applications needs to validate those certificates. The same is true with DNSSEC. DNS operators like PIR and Dyn Inc. need to provide the infrastructure for certificates which will enable browsers and applications to take advantage of the system.
For customers who want to have a higher level of security for their domain, give it a try with any .org domain (we also support .se for DNSSEC). Our Dynect Platform makes DNSSEC easy (couple clicks) and pretty much handles all of the key management and roll overs.
DNSSEC for a domain names mean a few extra fields of data that have some cryptographic data. That data goes into the registry from the DNS operator. When end users query your domain name, they get the registry data (both the nameservers and the DNSSEC data) and then query the DNS server (hopefully us!) and compare the crypto data to make sure that the answers you get are the correct ones. All of this takes place behind the scenes with DNSSEC and validating resolvers – a standard to come.
Want to see what it looks like? First graphic is what it looks like to add a DS record (the DNSSEC data for a domain name) and the second is what the registry actually produced. It’s pretty cool and one of the biggest changes to the DNS system in recent years. We’re proud and happy to support it ahead of many others. Enjoy and looking forward to the feedback and adoption.