» Member login

» Send my own surveys

» Quick tour

1. Your top-level domain:   65 Responses

2. Do you know what DNSSEC is?   1   Yes 60 92% 2   I know what it is, but don't know how it works.  4 6% 3   I have heard about it, but don't know what problem it solves  1 2% 4   No 0 0% Total 65 100%

3. Has your registry implemented DNSSEC, or is actively implementing DNSSEC?   1   Yes 16 25% 2   No 49 75% Total 65 100%

4. Do you plan to implement DNSSEC?   Yes 39 80% No 10 20% Total 49 100%

Questions for registries not implementing DNSSEC

5. Please briefly explain why you do not intend to implement DNSSEC in the next three years.   9 Responses

Questions for registries that have deployed DNSSEC

6. [NEW] For DNSSEC, what impementation phase are you in now?   1   Implementation Phase 10 67% 2   Test Phase 1 7% 3   Fully Deployed 4 27% Total 15 100%

7. Please briefly describe the technical environment you use for DNSSEC   13 Responses

8. Please briefly describe your experience in implementing DNSSEC   12 Responses

Questions for registries about to implement DNSSEC

9. What is the planned timeline for implementing DNSSEC?   1   Within 12 months 13 35% 2   Within 2 years 18 49% 3   2-4 years 6 16% Total 37 100%

10. Please briefly describe the technical environment you plan to use to implement DNSSEC:   26 Responses

11. Please briefly describe how strategically important you consider DNSSEC to be. (Please explain what the principal drivers are, the goals you would like to achieve with DNSSEC, and the main threats and opportunities you foresee).   57 Responses

Signing the DNS Root

12. Is it important to you that the DNS root zone is signed?   1   Yes 57 88% 2   No 8 12% Total 65 100%

13. [UPDATED] Who, in your opinion, should be signer of the DNS root zone?   1   VeriSign 3 5% 2   ICANN/IANA 47 76% 3   Some other non-governmental organisation 2 3% 4   A government 1 2% 5   A grouping of governments 3 5% Other, please specify 6 10% Total 62 100%

14. [NEW] Are you aware of the Interim Trust Anchor Repository (ITAR) provided by IANA?   1   Yes 46 71% 2   No 19 29% Total 65 100%

15. [NEW] Are you using ITAR for your registry?   1   Yes, deployed DNSSEC and used ITAR  6 13% 2   No, deployed DNSSEC without using ITAR 0 0% 3   No, haven’t deployed DNSSEC 40 87% Total 46 100%

16. [NEW] It was announced on 3 June 2009 that two agencies of the U.S. Department of Commerce, ICANN and VeriSign are working on an interim approach to deployment, by year’s end, of DNSSEC at the authoritative root zone. What is your view?   1   The fact that the deployment is interim does not impact our implementation plan  38 62% 2   We are reconsidering our planning until it is clear how under the interim approach DNSSEC will be deployed.  6 10% 3   We postpone our implementation until the definite plan to sign the root is made public.  17 28% Total 61 100%

17. [NEW] It was also identified that VeriSign will manage and have operational responsibility for the Zone Signing Key in the interim arrangement, and that ICANN will manage the Key Signing Key process. ICANN will work closely with VeriSign regarding the operational and cryptographic issues involved. Does the proposed arrangement concern you?   1   Yes 20 31% 2   No 45 69% Total 65 100%

18. Please explain your concerns about the proposed signing arrangement.   15 Responses

19. Please choose your view:   1   The proposed arrangement between VeriSign and ICANN does not impact our planning 48 74% 2   We are reconsidering our planning as a result of the proposed arrangement 13 20% 3   We will not implement DNSSEC as a result of the proposed arrangement 4 6% Total 65 100%

20. Please explain your concerns that is causing you to reconsider or not deploy DNSSEC.   10 Responses

Exchange of Information and Experiences

21. [NEW] Would it be of any interest to you to have updated and relevant statistics about the total number of signed zones, worldwide (or as far as applicable)?   1   Yes 60 94% 2   No 4 6% Total 64 100%

22. Do you think there is a need to exchange DNSSEC experiences between TLD managers?   1   Yes 63 98% 2   No 1 2% Total 64 100%

23. Do you think the ccNSO should actively promote the deployment of DNSSEC?   1   Yes 52 80% 2   No 13 20% Total 65 100%

24. Please explain how you think the ccNSO should promote DNSSEC:   43 Responses