This command will remove previously set DNS Sec on a passed in SLD/TLD directly at the registry. You must pass in all 4 pieces of data, and they all must match what is set in order for it to be removed. If you are unclear as to what the other data pieces are, you can run the GetDnsSec command to return back all of the values.


Use this command to remove DNS Sec from a specified SLD/TLD combination.


All resellers have access to this command.

Implementation on

Log on to with Login ID resellid, password resellpw.


The query must meet the following requirements:

  • The login ID and password must be valid.
  • SLD and TLD values must be supplied.

Input parameters

Build the query string using this syntax:

Parameter Status Description Max Size
UID Required Account login ID 20
PW Required Account password 20
SLD Required Second-level domain name (for example, enom in 63
TLD Required Top-level domain name (extension) 15
Alg Required

8-bit number representing the security algorithm being used. Valid values are:

  • 1 - RSA/MD5
  • 2 - Diffie-Hellman
  • 3 - DSA/SHA-1
  • 5 - RSA/SHA-1
  • 6 - DSA-NSEC3-SHA-1
  • 7 - RSASHA1-NSEC3-SHA1
  • 8 - RSA/SHA-256
  • 10 - RSA/SHA-512
  • 12 - GOST R 34.10-2001
  • 13 - ECDSA Curve P-256 with SHA-256
  • 14 - ECDSA Curve P-384 with SHA-384
Digest Required    
DigestType Required    
KeyTag Required    
ResponseType Optional Format of response. Permitted values are Text (default), HTML, or XML. 4


  • The default response format is plain text. To receive the response in HTML or XML format, send ResponseType=HTML or ResponseType=XML in your request.
  • Check the return parameter ErrCount. If greater than 0 the transaction failed. The parameter Err(ErrCount) can be presented to the client. Otherwise process the returned parameters as defined above.