DNSSEC Status Update in UA Dmitry Kohmanyuk Feb 7, 2012
Zone UA Key Generation Ceremony December 2, 2011 Key parameters: RSASHA512 (algorithm 10) KSK bits: 2048 ZSK bits: 1024
Test zone UA.UA Zone UA.UA signed, keys in DLV (dlv.isc.org) UA has DS records for ua.ua and rovno.ua Test web site (can use Firefox plugin to verify)
Zone UA DNSSEC Tested Test signing environment running: BIND 9.8 NSEC3 (with opt-out)
Public server with signed UA for testing ho1.ua.ua 195.47.253.17 2001:67c:258::17 Test anchor: ua. IN DS 29019 10 2 68B5F97978F45398C9C0382161701EA3AB4A882011DCAA4F5188800D D58FE2AD This is not a production zone, use as your own risk (but NS records are same)
Public resolver with enabled DNSSEC validation lh.cctld.ua 194.44.71.71 2001:7f8:55:7::71
What next Using production keys and signer DS publication in root zone ... Profit!
Questions? www.hostmaster.ua Whois.ua info@hostmaster.ua