You may have heard that DNSSEC, the security extensions to the DNS -- the Domain Name System -- is in full swing, but you may not have heard that its deployment is not going extremely quickly. I wanted to find which number of Top-Level-Domains (TLDs) are what I like to call DNSSEC ready. ICANN publishes their TLD DNSSEC Report in HTML, but I wanted a graphic representation. (Oops: I see while writing this, that they have now have a diagram in their report as well.) So, here is the data. A TLD is DNSSEC- ready if its zone is signed and if its key is either published as a DS record in the root, or it has an ITAR anchor, or it has a DLV record. Keep an eye on the data; it is updated daily.

Flattr this
DNS, Security, and dnssec :: 08 Oct 2010 :: e-mail

Comments

blog comments powered by Disqus