VeriSign has announced the rollout of its cloud-based DNSSec Signing Service for registrars, which allows DNSSec provisions to be added to second-level domain names. Pat Kane, assistant general manager of naming services at VeriSign, told V3.co.uk that progress being made is at the registry and root levels.
"Root signing is key to building a safer infrastructure and the real heavy lifting on that is done by the registrars. Today we've begun to enable the tools to help registrars meet the demands of their customers," he said.

More and more domains are signing up to DNSSec, Kane added, including full integration with .edu. Registrars will be able to evaluate the service until the end of next year.

DNSSec provides a better level of security that existing provisions and is useful at thwarting man-in-the-middle and cache poisoning attacks.