As the technologists behind Public Interest Registry (PIR), we take our commitment to the security and stability of the .ORG domain seriously. We’d like to provide our own view, as the people ultimately responsible for the operation of the .ORG domain, on some of the concerns we’ve heard recently regarding the future of PIR and the security and stability of .ORG.
What are high level concerns for registrars for DNSSEC?
You must actively maintain the extra DNSSEC data, including securing the DNSSEC private key data used to sign zones.
If the key information is compromised, you must take immediate action to rollover (replace) the key.
You may have to educate your customers on how to make their software DNSSEC-aware.
There have been a few reported cases of bugs in network gear, such as routers, switches, and wireless access points that require end-users to upgrade their network gear in order to resolve signed domain names.