DNSSEC is a set of extensions to DNS which enable establishing a chain of trust for a domain. By signing their zone with DNSSEC, domain registrants protect the visitors of their websites against phishing, cache poisoning and many other Internet threats.
Establishing a Chain of Trust
In order to establish a chain of trust, you need to:
- Sign the domain zone and upload it to the authoritative DNS server
- Log in to "Manage your account → My domains", enter the DNSKEY record, one or several DS records.
For gTLDs and foreign (i.e., not Russian) ccTLDs you can specify only a DS record.
Change Implementation Time
Change implementation time depends on when the changes were made and corresponds to domain delegation time:
- for .РФ and .SU domains - up to 2 hours;
- gTLDs and foreign ccTLDs are signed within a few minutes.
Turning Off DNSSEC
You may delete domain chain of trust in panel "Manage your account → My domains". This will delete all the DS records of the domain.