Categories
Deploy360 Domain Name System Security Extensions (DNSSEC)

Great News! Over 50% Of All Top-Level Domains Now Signed With DNSSEC!

The Internet hit a great DNSSEC deployment milestone today – over 50% of all TLDs are now signed! As Chris Thompson pointed out on the dnssec-deployment mailing list, if you go to a site such as ICANN’s TLD DNSSEC report that was run this morning, you’ll now see that 222 (53%) of 415 TLDs in the root zone of DNS are now signed with DNSSEC. Even better, 216 (52%) have a DS record in the root zone, which means that the DNSSEC “chain of trust” can be established for domains underneath all of those TLDs:

icann-tld-dnssec-20140120

Now, granted, as Chris noted in his message, this milestone has primarily happened because of the ongoing influx of all the DNSSEC-signed “new generic top-level domains (newgTLDs)“.  You can see this rather dramatically in a graph from Rick Lamb’s DNSSEC statistics site:

DNSSEC trend statistics

Regardless, it is great to see this milestone!

With over 50% of TLDs signed, have you signed your domain yet?  (Check out our tutorials on signing your domain with DNSSEC and also our DNSSEC Basics page.)