The Domain Name System Security Extension Workshop put together by the Nigeria Internet Registration Association (NiRA) and Network Startup Resource Center (NSRC) has brought about more awareness and understanding in the ecosystem. It provided the opportunity for participants to have a clearer picture of what the domain security extension means to the participants, and how it works.
In a nutshell, the DNSSEC protocol uses public key cryptography to give authentication and integrity to the DNS queries. It is simply data authenticity and integrity which is achieved by signing the Resource Record sets with a private key.
All parties involved in the Domain Name System operation have roles to play in the full implementation of DNSSEC. The chain of trust begins from the DNS root server level and cascades to the Registrant that the fully qualified domain name is delegated to. Each of the zones must be signed and must correspond to the Delegation Signer record in the top level zones.