DNSSec

EPP

DNSSEC support on the EPP server is based on RFC 5910 and affects domain creation and update commands (transfer, trade, transfer-trade and transfer-restore are considered equal to create in this regard).

For each of these operations only the DS (<dsData> tag) is supported, the public key information DNSKEY inside <dsData> tag (<keyData> tag inside of <dsData> tag) may be provided but is ignored (at a later time it may be checked for consistency with digest).

The complete DNSSEC details are listed on the interface, registrar interface for registrars and registrant interface on transfer/trade approval (displayed when nameservers are displayed).

Obviously DNSSec support by registrars is completely optional. However, in case of transfers or nameserver changes, special care should be taken for secured domain names, or they might appear bogus to validating resolvers.

NSTest

DNSSEC is supported and being checked by registry backend. See NSTest protocol documentation for the backwards-compatible protocol extension.

Quick-Links

Connect yourself to

my.lu enables you to manage your .lu domain names online - anytime, anywhere

Search

DNSSec

EPP

NSTest

Quick-Links

Home

LU Domains

Support

Registrars

About DNS-LU