DNSSEC (Security Extensions for the Domain Name System) uses public key cryptographic techniques to
counter spoofing attacks on the Internet's name resolution system. Brief introduction
and many more resources here
. CCDS has implemented
DNSSEC on its authoritative name servers ns1.countryday.net and ns2.countryday.net. The countryday.net and countryday.com zones are
digitally signed, and secure delegations from their top-level domains are in place.
DNSSEC achieved a significant implementation milestone when VeriSign digitally signed the “com” top-level domain on
March 31, 2011. See ICANN‘s report
on the number of top-level domains currently enabled for DNSSEC.
The DNSSEC Analyzer at Verisign Labs confirms the integrity of the chains of trust from the root zone
to our zones. Click below to analyze:
The thumbnails on the right from Sandia National Laboratories depict the DNSSEC chains of trust graphically.
Click on the thumbnail images for larger, live versions. Please allow several seconds for these pages to load.