RIPE NCC Confirms Commitment to DNSSEC Deployment in the Root Zone

Amsterdam, 16 December 2009

On 1 December 2009, ICANN and VeriSign began to deploy DNSSEC across the root server system when they signed the root zone using DNSSEC. They noted that the signing would become public from January 2010, when the process of signing each of the 13 root servers in turn would begin. This process will continue until July 2010, when ICANN publishes the root zone trust anchor and root operators begin to serve the signed root zone with actual keys.

On 15 December 2009, the root zone DNSSEC deployment team launched a website that provides information about DNSSEC for the root zone.

The website is a repository for the documentation relating to the deployment of DNSSEC in the root zone, and it includes information such as technical status updates and the full timetable for the deployment of DNSSEC.

The RIPE NCC, operator of K-root, confirms its commitment to support the ICANN/VeriSign initiative and coordinate with the other root zone server operators in the deployment of DNSSEC in the root zone.

The RIPE NCC also provides data collection and measurements that allows monitoring of the effects the transition has on the overall performance of the root server system. This information is available on RIPE Labs.

Further details on the RIPE NCC's operation of K-root are available on k.root-servers.org.