TTS owns a number of second-level domains. Information from DotGov on getting a new one. Purchases/renewals are done through micropurchase requests.
DNS for domains in TTS is managed one of a few ways—see this diagram. For those that are managed within TTS, see the DNS repository.
cloud.gov (and thus Federalist) do not support DNSSEC.
For domains owned by TTS that speak HTTP, TTS follows the requirements of OMB M-15-13, including HTTP Strict Transport Security and the recommended additional step of HSTS preloading.
For information on how HTTPS and HSTS compensate for an absence of DNSSEC for HTTP-based services, see:
Information from cloud.gov.