Deploy360 27 January 2016

Azerbaijan (.AZ) Becomes Latest ccTLD To Sign With DNSSEC

By Dan YorkDirector, Internet Technology
Azerbaijan signs .AZ with DNSSEC

Earlier this month Azerbaijan’s .AZ became the latest country-code top-level domain (ccTLD) to sign the domain with DNSSEC and complete the first step in allowing all domains underneath .AZ to obtain the higher level of security possible with DNSSEC.    This is, of course, just the first step.  As we outline in our tutorial, the next steps are that registrars and DNS hosting providers for .AZ need to now support the DNSSEC-signing of domains.  But it’s a good step to see!

We saw this signing come through on Rick Lamb’s DNSSEC Deployment Report and could easily verify it on the command-line using the command “dig dnskey az.” which shows the relevant DNSKEY records. (As well as “dig ds az.” that shows the existence of the DS record.)

A great step forward for Azerbaijan – and we look forward to seeing even more of the countries on our DNSSEC Deployment Maps filled in with green over the months ahead!

If you want to get started with DNSSEC, please visit our Start Here page to begin!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...