IIT Home Page CNR Home Page

DNSSEC in the ccTLD .it - Main EPP implementation choices

The DNS protocol (Domain Name System) defines the specifications to provide a domain name resolution service that has no form of authentication nor implements mechanisms to ensure data integrity. In order to overcome this limitation, the IETF has defined a protocol known as Domain Name System Security Extensions (DNSSEC). The registration system of the .it Registry allows Registrars to register and maintain domain names and their DNS configurations in real time. The system uses the EPP (Extensible Provisioning Protocol) protocol to comply with internationally accepted standards. The EPP is a synchronous client-server protocol based on XML requests and responses on HTTP protocol. This document outlines the main choices of .it Registry about the DNSSEC implementation. Registrars wishing to provide DNSSEC service for .it domains must take some actions involving both their DNS and their EPP client.

Autori IIT:

Tipo: Rapporto Tecnico
Area di disciplina: Information Technology and Communication Systems
IIT TR-01/2017

File: TR 01-2017.pdf

Attività: Unità Sistemi e Sviluppo Tecnologico