Deploy360 9 March 2015

Middle East DNS Forum Covers DNSSEC – Let's Fill In The Map!

By Dan YorkDirector, Internet Technology

Over in Amman, Jordon, today our Internet Society colleague Frédéric Donck gave a keynote address at the Middle East DNS Forum where I know he was planning to speak about DNSSEC and our interest in advancing the deployment so that together we can make the Internet more secure via a more secure DNS infrastructure. (His talk was also going to cover Internet governance and infrastructure development topics.)  The folks at the Middle East DNS Forum were kind enough to tweet out a photo of Frédéric in action:

Middle East DNS Forum

In preparation for his presentation at the meeting, I provided Frédéric with a snapshot of our weekly DNSSEC Deployment Maps for the Middle East region (the colors represent the 5 stages of DNSSEC deployment):


As you can see, there’s definitely room to have more of the country-code top-level domains (ccTLDs) signed in the region.  From what the database shows, I have this information:

  • Lebanon has signed .LB and the DS record is in the root of DNS.
  • Afghanistan has signed .AF and the DS record is in the root of DNS.
  • Turkey (.TR) is “Announced” because a representative of the registry contacted me with their plans ( and they publicly announced their plans at the ICANN Turkey DNS Forum in November 2014).
  • Israel is in the “Announced” state because a representative of the .IL registry contacted me with their plans.
  • Iraq (.IQ) and Iran (.IR) are in “Experimental” because activity was observed a few years back.

For Lebanon and Afghanistan, they could be in the “Operational” stage and be accepting DS records from domain registrants.  We just don’t know because we have no way to find out unless either: 1) someone from the registry tells us (and I haven’t yet tried to contact these ccTLDs to know); or 2) someone who has registered a domain in those ccTLDs lets us know.

Although the agenda of the Middle East DNS Forum is mostly not about technical topics, I do hope Frédéric’s discussion will ignite some interest and we can start seeing the Middle East region joining the rest of the world in providing a way to secure the integrity of DNS information within the ccTLDs.

In fact, if you are visiting our site as a result of that Forum, please do visit our Start Here page to find out how you can begin with DNSSEC – or please contact us so that we can help you find the appropriate resources.

Let’s fill in that map and get the whole region to be green!

P.S. If anyone has more information about the DNSSEC deployment status of ccTLDs in that region, please do let me know – I’d be glad to update the maps.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...