Last week I wrote that I asked the .nl TLD maintainers to
add the DS records for pa1ton.nl to the
.nl zone.
And yesterday the big moment was there.
Have a look.
I just verified this with SIDN and I am number 7 on the list of DNSSEC secured domains in the Netherlands.
Wow, that's really quick! 
Some time ago I blogged that my zones are signed and now it's possible to add
the DS key to the .nl zone.
This still is a manual process, but I opted in with my pa1ton.nl domain. The
.com TLD isn't signed yet, so the tonkersten.com is still to be done.
I also updated some scripts and things to make it work better
First I need the ZSK and KSK and I generate them like this:
dnssec-keygen -e -a NSEC3RSASHA1 -3 -b 2048 -n ZONE pa1ton.nl dnssec-keygen -a NSEC3RSASHA1 -3 -b 2048 -n ZONE -f KSK tonkersten.com
This enables the NSEC3 options for the zone.
And signing the zones is done like:
dnssec-signzone \ -v 3 \ -3 34A3 \ -A \ -d keys \ -K keys \ -N unixtime \ -f pa1ton.nl.signed \ -o pa1ton.nl \ -S pa1ton.nl
It will take a couple of days for the DS keys to appear in the .nl TLD.
I will keep you posted.
It took some time, but I did manage to make a new version of git.vi. It has
some errors corrected and some extra features.
And now it comes with its own, shiny, new man page. (git.vi.1).
Come and g[ei]t it. It's in the files section or on github.
Or clone it with:
git clone https://github.com/tonk/git.vi.git
