Deploy360 4 January 2017

New report: “State of DNSSEC Deployment 2016”

By Dan YorkDirector, Internet Technology
State of DNSSEC Deployment 2016

What is the current state of deployment of the DNS Security Extensions? (DNSSEC) How many domains are secured with DNSSEC? What actual usage are we seeing on the Internet? What software is available to help?

For years there have been many statistics about DNSSEC available, but it’s been hard to get an overall picture of deployment. To help with this, we’ve worked over the past few months to pull together as much information as possible into one document:

We encourage you to please read the document – and share it widely with people who need to understand more about the security of the Domain Name System.

We also welcome feedback on questions such as:

  • How helpful did you find the report?
  • What sections were particularly helpful? (or not?)
  • Is there additional information you’d like to see included in a future report?

You can post the feedback here as a comment – or send it to me directly via email.

Our intent is that this will be the first in an ongoing annual series of reports for at least the next few years until DNSSEC is more widely deployed.  Our goal is for the “State of DNSSEC Deployment 2017” report to be ready in time for the ICANN 60 DNSSEC Workshop happening in early November 2017 in Abu Dhabi.

I’d like to thank Chip Sharp for all his hard work assembling this report and incorporating feedback. I also want to thank the group of people who provided a quick final review and proofreading in the last weeks of December (noted in the final Acknowledgements section). And I want to thank everyone within the larger DNSSEC community who continue to share their information, statistics and more.

Please do share this State of DNSSEC Deployment 2016 report with others – and if you haven’t done anything with DNSSEC on your own networks or domains, please visit our Start Here pages to learn how you can begin! Together we can make the DNS – and through that the wider Internet – a bit more secure and trusted.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...