Trust Anchors and Keys
The Root Key Signing Key acts as the trust anchor for DNSSEC for the Domain Name System. This trust anchor is configured in DNSSEC-aware resolvers to facilitate validation of DNS data. For a complete description of these files and mechanisms for updating the trust anchor, please review DNSSEC Trust Anchor Publication for the Root Zone.
|root-anchors.xml||DNS Root Trust Anchors (XML)|
|— root-anchors.p7s||DNS Root Trust Anchors (S/MIME Signature)|
|— root-anchors.asc||DNS Root Trust Anchors (PGP Signature)|
|— icann.pgp||PGP Key Ring
Used to share signatures used to sign the PGP signature above.
|Kjqmt7v.crt||DNS Root Key Signing Key generated 2010-06-26 (public key)|
|— Kjqmt7v.csr||Certificate Signing Request for KSK generated 2010-06-26
Published in PKCS#10 format to facilitate signing by public key infrastructure.
|— root-ksk-2010.pdf||Attested copy of the result of the KSK generation script|