The United States Department of Defense (DoD) has authorized the DoD Network Information Center (NIC) to sign the .mil zone using DNSSEC. The DoD NIC will sign the .mil zone using a phased implementation plan that will span a three (3) month period. The first phase will consist of signing the .mil zone with an unvalidatable key, similar to the method used to initially sign several other gTLDs, as well as the root zone. During the second phase, the .mil zone will be signed using a validatable key. However, this key will not be released to IANA for inclusion in the root zone until an operational test and assessment have been completed. Essentially, the .mil domain will remain an island (for DNSSEC purposes) during this phase. The third and final phase will consist of submitting the .mil key to IANA for publication in the Internet root zone to allow Internet-wide validation of .mil DNS responses. Tentative timeline to a signed .mil zone: Sep 14-Sep 18 .mil zone signed with an unvalidatable key Sep 19-Dec 11 .mil zone signed with an unpublished, validatable key Dec 12 .mil zone signed, and its DS record is included in the root zone This rollout is expected to be transparent to the Internet user community, however, if there are issues during this period, please contact the DoD NIC at 1-800-365-3642; +1 614-692-2708. Thank you, DoD NIC Administration
participants (1)
-
Cassell, James D CIV DISA NS233