[dns-operations] DNSSEC deployment in Sweden

Kjetil Jensen lists at kjette.se
Wed Dec 28 15:23:04 UTC 2011


Hi,

I have been idle in this list and below is a short presentation of myself.

My name is Kjetil Jensen and works at Binero as Registry Manager. My
daily work is to ensure that the infrastructure around the domains and
DNS are functioning here and are also involved in development, such as
DNSSEC projects.

Since January 2010 we run Anycast DNS for providing stability, security
and reduced response times for our customers' domains. Our main provider
of Anycast services are UltraDNS.

Today we became ready to sign a bunch of domains, just over 100,000. SE
domains have been signed with DNSSEC.

The process has gone very smoothly, we are running hidden-master with
PowerDNS that is doing the signing part.

Some bugs have been discovered and patched by our provider Atomia and
the hall of fame for that should go to Jimmy Bergman
(https://twitter.com/#!/jimmybergman) for solving those for us.

http://wiki.powerdns.com/trac/changeset/2314
http://wiki.powerdns.com/trac/changeset/2318
http://wiki.powerdns.com/trac/changeset/2320

When those bugs was discovered we had to disable DNSSEC for the domains
we ran in our first batch, therefor the stats may look a little awkward :)

https://www.iis.se/en/domaner/statistik/tillvaxt?chart=per-type

I hope in the future that we will see similar deployments, I only know
of few such as with .CZ etc and ACTIVE 24, s.r.o.

And also big thanks to Mats Dufberg (TeliaSonera), Jakob Schlyter
(Kirei), Patrik Wallström (.SE) and Marc Lampo (EURid), we could not
have experienced such seamless process without you.
-- 
Kindest Regards

Kjetil Jensen
--------------------------------
Binero AB
E-mail: kjetil.jensen at binero.se
Switchboard #: +46 771-24 08 00
Direct #: +46 8-525 090 55 Ext: #1007
Cell #: +46 76 83 80 300

Follow Binero on twitter http://twitter.com/binero


More information about the dns-operations mailing list