All root servers are DNSSEC-ready

As reported today in The H Online, “all 13 root servers are now serving a signed version of the root zone.”  And, despite numerous rumors circulating on the web, the article notes:

There have been no reports of any problems in the immediate aftermath of VeriSign’s J root server starting to serve DNSSEC signatures. Experts at the 60th RIPE meeting in Prague were almost unanimous in predicting a glitch-free switchover, following the successful switchovers of the other 12 root servers in recent months. The only apocalyptic note was sounded by a countdown to the demise of the unsigned root zone.

The article discusses next steps, including disclosure of a public key and a June key signing ceremony that will bring together volunteer crypto officers and recovery key share holders from around the world.

Comments are closed.