Implementing DNSSEC under the .pr ccTLD

Abstract

When the Internet was developed it was not designed with security in consideration. It currently relies on the Domain Name System protocol for name resolution which is home to many types of exploits. The Internet Engineering Task Force developed a set of extensions to address these security concerns that resulted in the Domain Name System Security Extensions protocol DNSSEC. Users of this protocol will benefit from authentication and data integrity in a medium which has been historically insecure. Here we implement DNSSEC under the .pr country code toplevel domain. To do so, we acquired the domain name luis.est.pr and a Virtual Private Server from HostGator.com with full root access. A PHP: Hypertext Preprocessor script was developed to aid in the process of periodic zone maintenance required by the protocol. Our resulting configuration was validated with three online tools used to test a successful DNSSEC environment. Key Terms - BIND, DNS, DNSSEC, Security.