DNS Policy

Overview

Digity LLC operates secure, resilient DNS infrastructure for all TLDs under our management. Our DNS services are designed to provide high availability, low latency, and robust security through industry-standard best practices.

DNSSEC Implementation

All Digity-operated TLDs support DNSSEC (Domain Name System Security Extensions) to protect against DNS spoofing and cache poisoning attacks. DNSSEC is enabled by default at the registry level.

Key Features

• Automated key rollover procedures
• Support for DS record submission via EPP
• Validation of DNSSEC chains for all signed zones
• RSA and ECDSA algorithm support

Name Server Requirements

Digity operates authoritative name servers through CentralNic infrastructure:

• a.nic.case (194.169.218.140, 2001:67c:13cc::1:140)
• b.nic.case (185.24.64.140, 2a04:2b00:13cc::1:140)
• c.nic.case (212.18.248.140, 2a04:2b00:13ee::140)
• d.nic.case (212.18.249.140, 2a04:2b00:13ff::140)

All name servers are geographically distributed across multiple continents and provide IPv4 and IPv6 connectivity.

Service Level Commitments

• 99.9% DNS resolution availability
• Sub-100ms query response time (global average)
• Real-time DNS propagation (< 5 minutes for updates)
• 24/7 monitoring and incident response

Registrar DNS Management

Accredited registrars manage DNS records for domain names under Digity TLDs via EPP (Extensible Provisioning Protocol). Registrars may:

• Add, modify, or delete name server records
• Submit DS records for DNSSEC signing
• Apply domain status flags (clientHold, serverHold, etc.)