Sections

You are here: Home > Data & Tools > Legacy Projects > Archived Projects > DISI > DNSSEC Operations and Security Practice Statement

Quick Links

RIPE Database Search: By pressing the "Search" button you explicitly express your agreement with the RIPE Database Terms and Conditions.

Service Announcements

All of our services are operating normally.

New on RIPE Labs: RIPE Atlas Code for Analysis and Statistics Reporting May 13, 2013; IPv6 RIPEness - Implementing the Fifth Star May 12, 2013; Proposed Improvements to "Dummification" of Personal Data in the RIPE Database May 08, 2013; BGPlay Integrated in RIPEstat May 08, 2013; Introducing RIPE Atlas "Quick Look" May 07, 2013

DNSSEC Operations and Security Practice Statement

This content is only available for historical reference.

Introduction

This document is intended as a statement of the security practices (physical and network) employed by the RIPE NCC in relation to the operation and forward planning of DNSSEC.

The private keys used by DNSSEC are stored on a machine (known from here on as the "signer") which is physically separated from all machines providing public DNS services. The first section of this do