Cloudflare has published its first DNSSEC signed zone, www.cloudflare.com, and invites users to analyze and provide feedback on the implementation. The company aims to make DNSSEC as widespread and easy-to-use as TLS. They are addressing complexities of DNSSEC by signing on the fly, using ECDSA for smaller answers and reduced risk of reflection attacks, and providing a fully managed solution. Users can participate in the beta program by emailing their website name and answer to a question about DNSSEC algorithm number for ECDSAP256SHA256.