DNSSEC Testbed for Germany
In June 2009, DENIC launched a joint testbed for the Domain Name Security Extensions (DNSSEC) together with the Federal Agency for Security in Information Technology (BSI) (now: Federal Office for Information Security) and the Association of the German Internet Economy eco e.V. (now: eco - Association of the Internet Industry) in order to evaluate the potential effects of DNSSEC if introduced for .de domains. The purpose of DNSSEC is to close security holes in the Internet, such as cache poisoning, DNS redirection and DNS spoofing. Testbed participants had the opportunity to gain technical and operational experience in a test environment and to find out the impacts DNSSEC was going to have on security and reliability on the Internet. The project goal was to rule out operational risks of DNSSEC at an early stage and to find out about user acceptance.
DNSSEC testbed meetings
On 2 July 2009, the Initial DNSSEC Testbed Meeting was held for all active participants and interested parties.
The 2nd DNSSEC Testbed Meeting on 26 January 2010 focused on first experiences with the signed .de zone.
At the 3rd DNSSEC Testbed Meeting on 16 June 2010, reports from the practice were the central topic.
At the 4th DNSSEC Testbed Meeting, the focus had clearly shifted to tools and emerging services in the DNSSEC environment and offered producers the opportunity to present their products.
The 5th DNSSEC Testbed Meeting on 8 February 2011 marked the end of the test phase. The official final testbed report was presented, and the launch of DNSSEC was announced for 31 May 2011.
The testbed infrastructure was maintained until July 2011, when it was finally shut down.
Further Links and Documents
Final DNSSEC Testbed Report as PDF file (in German)
Strategy Paper DNSSEC-Testbed für Deutschland (in German)
Documentation on the Provisioning of DNSSEC Key Material (in German)
Bundesamt für Sicherheit in der Informationstechnik - BSI