As one of the last major gTLDs, .mobi has enabled DNSSEC on their registry systems earlier this month. DNSSEC has also been enabled for the Austrian ccTLD .at and its second level domains .co.at and .or.at.
DNSSEC is a technique that uses encryption – which we all know from SSL certificates – to digitally sign a DNS record. This allows the resolver to validate if the answer received actually comes from the server that you expect it to come from, and to check if the contents of the record have not been modified during transit. This prevents so-called “DNS poisoning” – a malicious way of inserting incorrect data into the DNS.
Activating DNSSEC for your domains is extremely simple if you use the Openprovider nameservers. Just click the “enable DNSSEC” bullet in the control panel and you are done! If you are using your own nameservers, you will need to sign the zone on those nameservers and copy the required data to Openprovider.
If you have any question on how to set it up, we are glad to help you! Within our Knowledge Base, you can find a dedicated section with the most common questions and answers about DNSSEC. You can also find a list of all TLDs that support DNSSEC here. This list is continuously updated. If you have any other questions, our support team is happy to assist you.