For .lu accredited registrars, implementing the DNSSEC protocol is essential to make .lu domain names secure.
Programmed into the EPP server made available by the .lu registry, the DNSSEC protocol concerns domain name creations and modifications, with several features:
Technical reference document: RFC 5910 ‘Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP)’
DS tag supported: <dsData>.
Additional DS tag: (<keyData>); information on the DNSKEY public key within the <dsData> tag may be provided (for later validation purposes), but will be ignored.
Accepted algorithms: Cryptographic and hashing performed by the software LDNS.
Visibility of registered data: Web interfaces of the registrar and domain name owner, at the DNS data level.
Warning: If the DNS servers are transferred or changed, make sure you do not provide a secure domain that cannot be validated
A DNS server or names server is a computer connected to the Internet. It contains information about the services related to a domain name and answers any queries about this information. For example, it translates a domain name into an IP address to enable access to a website/s and/or email inboxes linked to a domain name.
DNSSEC (Domain Name System Security Extensions) technology authenticates DNS records using cryptographic keys to ensure that each domain fits perfectly into a trusted chain within the tree of the Internet-based naming system.
Info! DNSECC support is optional, but highly recommended for all users.