Skip to content
Switch branches/tags
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

DK Hostmaster Logo

Spellcheck Action Markdownlint Action

DK Hostmaster Name Service Specification

2020-12-14 Revision: 2.0

Table of Contents


General specification of some of the technical aspects of the DK Hostmaster DNS

About this document

This specification describes the DK Hostmaster General name service.

This document is owned and maintained by DK Hostmaster A/S and must not be distributed without this information.

All examples provided in the document are fabricated or changed from real data to demonstrate use etc. any resemblance to actual data are coincidental.

Printable version can be obtained via this link, using the gitprint service.


This document is copyright by DK Hostmaster A/S and is licensed under the MIT License, please see the separate LICENSE file for details.

Document History

2.0 2020-12-14

  • Introducing an extension to the IDN character set supported by the DK Hostmaster registry; ß
  • The character is supported from the 1st. of January 2021

1.0 2016-09-14

  • Initial revision

The .dk Registry in Brief

DK Hostmaster is the registry for the ccTLD for Denmark (dk). The current model used in Denmark is based on a sole registry, with DK Hostmaster maintaining the central DNS registry.

Name Service

Domain Names

A domain name can consist of the following characters:

  • a-z

  • æ, ø, å, ö, ä, ü, é and ß

  • 0-9

  • - (hyphen)

  • Hyphen cannot be placed first or last in the domain name.

  • A domain name can not have 2 initial alphanumeric characters followed by 2 hyphens, such as:, the IDN encoded version of the domain name: æøåöäüé.dk since this would indicate IDN encoding (punycode)

Glue Records

DK Hostmaster use DNS glue records as described in draft-koch-dns-glue-clarifications as a narrow glue record policy.

This means that a glue record is only inserted in the DK zone if a name server is name server for the domain to which the name server itself is a child.

An example of when glue records inserted in the DK zone:

  • If is name server for, a glue record is inserted for
  • If act as name server for the domain name, a glue record is inserted for

An example of when a glue record is not inserted to the DK zone:

  • If is name server for glue record is not inserted for
  • If is name server for a glue record is not inserted for, unless if the name server is also name server for

Please note that the above names are examples and do not relate to active domain names.


Supported DNSSEC implementations

In accordance with RFC:5910. DK Hostmaster only support DS and not DNSKEY.

In addition the maximum signature lifetime is not supported, for EPP please see section 3.3 in RFC:5910.

Supported Algorithms

DK Hostmaster currently support the following algorithms from the IANA algorithm listing:

  • 3 DSA (DSA/SHA1) RFC:3110 - do note that use of this algorithm is not recommended since it is deprecated
  • 5 RSASHA1 (RSA/SHA-1) RFC:2539
  • 6 DSA-NSEC3-SHA1 (DSA-NSEC3-SHA1) RFC:5155
  • 8 RSA/SHA-256 RFC:5702
  • 10 RSA/SHA-512 RFC:5702
  • 13 ECDSA Curve P-256 with SHA-256 RFC:6605
  • 14 ECDSA Curve P-384 with SHA-384 RFC:6605

Supported Digest Types



Public specification of some of the general technical aspects of the DK Hostmaster DNS





No packages published