Domain Name System Security Extensions

DNSSEC introduces security at the infrastructure level through a hierarchy of cryptographic signatures attached to the DNS records. Users are assured that the source of the data is verifiably the stated source, and that the mapping of name to Internet Protocol (IP) address is accurate. DNSSEC-compliant name servers also provide denial of existence, that is, they tell a user that a name does not exist. There are two dominant strategies: (1) a process that zone operators can initiate for digitally signing their own zones by employing public-private key pairs and (2) a chain of trust between parent and child that enables the system eventually to become trustworthy.
