Jan 27
Today I’ve updated the page showing DNSSEC Deployment Maps over on the Deploy360 site. The maps are generated each Monday and sent to a mailing list (to which you can subscribe) and the latest versions are always available in the mailing list archives. However, from time to time I update the page to show the latest maps so that people can easily find them.
By the way, the latest ccTLD to sign with DNSSEC was Azerbaijan’s .AZ domain!
Jan 27
Earlier this month Azerbaijan’s .AZ became the latest country-code top-level domain (ccTLD) to sign the domain with DNSSEC and complete the first step in allowing all domains underneath .AZ to obtain the higher level of security possible with DNSSEC. This is, of course, just the first step. As we outline in our tutorial, the next steps are that registrars and DNS hosting providers for .AZ need to now support the DNSSEC-signing of domains. But it’s a good step to see!
We saw this signing come through on Rick Lamb’s DNSSEC Deployment Report and could easily verify it on the command-line using the command “dig dnskey az.” which shows the relevant DNSKEY records. (As well as “dig ds az.” that shows the existence of the DS record.)
A great step forward for Azerbaijan – and we look forward to seeing even more of the countries on our DNSSEC Deployment Maps filled in with green over the months ahead!
If you want to get started with DNSSEC, please visit our Start Here page to begin!
