Donate
‹ Back
Deploy360 15 December 2014

Indonesia And Vanuatu Sign .ID and .VU With DNSSEC

Dan York
By Dan YorkDirector of Web Strategy

Asia PacificWe were very pleased to learn this morning that both Indonesia’s .ID and Vanuatu’s .VU country-code top-level domains (ccTLDs) had DS records uploaded to the root zone of DNS over the weekend.  What this means is that they have both entered the fourth of five deployment stages that we track as part of the DNSSEC Deployment Maps.

At some point soon, people who have registered domains under .ID and .VU should be able to upload their own DNSSEC records and be able to obtain the higher level of security and trust that comes with having their domain signed with DNSSEC.  We don’t yet know when the registries for .ID and .VU will start accepting DS records from registrants, but hopefully at some point soon.

Given that the records were entered into the root zone of DNS after I had finished updating the database on Friday for the DNSSEC Deployment Maps that were distributed this morning, I took the unusual step of re-generating the maps today after a quick database update.  Subscribers to the public dnssec-maps mailing list have all received a second set of maps for today.  Normally I might have just waited for next week but given Indonesia’s size it adds a nice bit of green to the Asia Pacific map and I wanted that to be shown.

With these two ccTLDs having their DS record in the root zone, this brings us to 97 of the 247 ccTLDs that we track in our database being signed with DNSSEC.  (There are also .EU and .SU which we consider more “regional” TLDs (and are both signed), but other lists count as ccTLDs, so you could say that we show 99 of 249 being signed.)  Given that most of the generic TLDs are signed and all the new gTLDs MUST be signed when they launch, the remaining 150 unsigned ccTLDs are the major area where attention will be focused over the next while in terms of getting TLDs signed.  ICANN’s DNS team is spending a good bit of time traveling to many of these countries to help them get their ccTLDs signed and operational.

Congratulations to the teams at .ID and .VU for getting their domains signed and linked in to the DNSSEC global “chain of trust”.  We look forward to learning that those two ccTLDs become “Operational” and second-level domains can begin uploading DNSSEC records soon.

Note – if you would like to learn more about how you can get started with DNSSEC, please visit our Start Here page to find resources tailored to your role or type of organization.

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Congrats to Spain (.ES) and Croatia (.HR) on on their DNSSEC-signed TLDs in the DNS Root
Deploy36017 July 2014

Congrats to Spain (.ES) and Croatia (.HR) on on their DNSSEC-signed TLDs in the DNS Root

Congratulations to the teams at the top-level domains (TLDs) of both .ES (Spain) and .HR (Croatia) for getting their DNSSEC-signed TLDs...

New DNSSEC Deployment Maps - Now Corrected And Updated
Deploy36020 October 2014

New DNSSEC Deployment Maps – Now Corrected And Updated

If you have been receiving our DNSSEC deployment maps by email or just using the maps from our web page, you need...

Australia (.AU) and Grenada (.GD) Are Latest ccTLDs To Sign With DNSSEC
Deploy3601 December 2014

Australia (.AU) and Grenada (.GD) Are Latest ccTLDs To Sign With DNSSEC

Today's DNSSEC Deployment Maps have two great new additions for country-code top-level domains (ccTLDs): Australia's .AU domain and Grenada's .GD...

Join the conversation with Internet Society members around the world