DNSSEC via RDAP

DNSSEC via RDAP refers to DNSSEC-related registration evidence exposed through RDAP where available.

DNSSEC postureRegistration signalPublic evidence

Observed evidence

Observed by .auDO

These fields describe the public evidence .auDO records for this signal where available.

dnssec_enabled_rdaprdap_raw.secureDNSdns_raw.dnssec_enabled_rdapdnssec_mismatch

Interpretation

How to read this signal

This signal is useful as public evidence of visible posture or change, not as a conclusion on its own.

Why it matters

RDAP-side DNSSEC evidence can help compare what registration data asserts with what DNS-side checks observe.

What change may indicate

DNSSEC via RDAP may change because of registrar updates, registry processing, delegation material changes, provider migration, source representation or collection fallback.

Limits

What it cannot tell us

This is registration-side evidence and should be compared with DNS-side evidence. Absence from RDAP does not necessarily prove DNSSEC is absent and cannot prove risk, safety, compromise or intent.

Observations are descriptive records, not risk scores, allegations or evidence of compromise.

Observed patterns

Common observations

DNSSEC visibility changeDNSSEC assertion gap change

Report surface

Where it appears

This signal can appear in daily reports, the observation panel, methodology notes, derived report artefacts and preserved raw snapshot evidence when the relevant fields are present.

Nearby signals

DNSSEC DNSKEY presence RDAP Raw evidence Source fallback

Use alongside

Explore this signal in context

This signal is most useful when read alongside related State views, explainers, reports and methodology notes.

What is DNSSEC?DNSSEC state RDAP state RDAP signal Reports Methodology