The DNS root zone is deployed on 13 server clusters worldwide. These servers are operated by US federal agencies such as the Defense Department and NASA, corporations including VeriSign and Cogent Communications, and universities including the University of Southern California and the University of Maryland, under the direction of the Internet Assigned Numbers Authority. The root servers make it possible for top-level domains including .com, .net and .org to match domain names with corresponding IP addresses and Web sites.
DNSSEC prevents hackers from hijacking Web traffic and redirecting it to bogus sites. The Internet standard prevents spoofing attacks by allowing Web sites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption.
DNSSEC is viewed as the best way to bolster the DNS against vulnerabilities such as the Kaminsky bug discovered this summer. It's because of threats like these that the US government is rolling out DNSSEC across its .gov and .mil domains.
The US federal government issued a request for public comments about DNSSEC deployment on the root zone on October 9.