As of about 45 minutes ago the .ie zone has had DNSSEC turned on.
For the next few months DS records will be processed manually
Here’s the full announcement:
IEDR are pleased to announce the deployment of DNS security extensions (DNSSEC) for the .ie country code top level domain (ccTLD). This protocol will enable service providers to offer additional security for DNS transactions for .ie domain holders, their customers and the internet at large. DNSSEC provides data origin authentication and data integrity verification to the global domain name system through the use of public key cryptographic signatures. It prevents many potential attack vectors via the unsecured DNS.
This deployment is the culmination of research and development starting in 2010, designing and building the IEDR DNSSEC infrastructure in 2011 and today the deployment of the first signed IE zone. The addition of DNSSEC for .ie domain users means many other security protocols such as DANE can be used by .ie domain users.
Commenting on the deployment, the IEDR DNSSEC Programme Manager, Billy Glynn said “we’re delighted to have pushed out our first DNSSEC signed zone. We’ve been signing the IE zone in parallel systems for over two years now and we feel this is a good time to deploy in production. This is an exciting initiative that will allow IE domain holders to leverage other security protocols such as DANE and it’s variants which will add extra security to email and websites.”
IEDR would like to thank the Irish DNSSEC Task Force members for their patience and commitment to DNSSEC in Ireland
- DNSSEC Adoption – The Current Functionality Gap (Part 2) (circleid.com)