Inscribe tu dominio: .cl
DNSSEC in .CL - Security for the DNS

KSK key(s) for .CL

In this place will be kept all the KSK signing keys for .CL zone, for verification purposes.

NIC Chile do not recommend the installation and configuration of this key directly in the resolvers. This key will be submitted and included in the root of DNS, so the recommendation is to configure only the IANA root key, and .CL will be automatically validated through the normal trust chain.

The KSK key(s) is in the canonical format of the DNSKEY records, in a plain text file, and signed with OpenPGP using the cryptographic identity of NIC Chile (in spanish), for your verification.

Here will be kept the future and past keys, in case of rollovers. Also we recommend to subscribe the Anuncios DNSSEC mailing list, where shall be informed of any rollover of KSK keys.


Disclaimer: english version only for reference.
Original and official version of this document located in


[ Introduction - Implementation - Key upload - Policy for .CL - KSK keys - Time schedule - More information ]