.nyc DNSSEC Practice Statement

< Back to Policies

Domain Name System Security Extensions (“DNSSEC”) are a set of technical specifications for securing certain kinds of information provided by the Domain Name System (DNS) and intended to protect Internet users from certain types of malicious activities and attacks.

Among other things, DNSSEC introduces digital signatures to the DNS infrastructure to help fight against impersonation attacks, data integrity attacks, and the risk of users being diverted to any unintended or unsafe websites (also known as “man-in-the-middle” attacks). With this technology implemented, DNSSEC will automatically signal that users have been directed to the precise websites they intend to reach – minimizing the risk that they will be unwittingly “hijacked” and misdirected to sites that may put their safety and security in jeopardy.

The .nyc Registry provides DNSSEC services to its registrars who in turn provide these services to their registrants. The registry has developed a DNSSEC Practice Statement to provide information about the security measures and management of DNSSEC digital keys in the .nyc namespace. Please click on the link below to download the full statement.

DNSSEC Practice Statement & Policy (PDF)