Over the next several weeks, Verisign will deploy DNSSEC in the .com
zone. This message contains operational information related to the
deployment that might be of interest to the Internet operational
The .com DNSSEC deployment consists of the following major milestones:
February 26, 2011: The .com registry system will allow
ICANN-accredited registrars to submit DS records for domains under
.com. These DS records will not be published in the .com zone until
the .com zone is actually signed.
February 28, 2011: A deliberately unvalidatable .com zone will be
published. Any DS records for .com that have been submitted by
registrars will be published in the deliberately unvalidatable zone.
March 31, 2011: The .com key material will have been unobscured over
the course of the preceding several days and the .com zone will now be
usable for DNSSEC validation. DS records for .com should appear in
the root zone on this day.
If you have any questions or comments, please send email to
firstname.lastname@example.org or reply to this message.