We learned this week that the country-code Top Level Domain (ccTLD) for Botswana, .bw, is once again secured with DNSSEC. We wrote previously about the Botswana ccTLD. First signed and secured with DNSSEC in 2016, the .bw domain went insecure in mid-2022. While it is always regrettable to see Internet infrastructure regressing to an insecure state in this fashion, especially for such a long period (two years!), it is to be commended that Botswana is now back in the club of countries with a secured ccTLD.
You can see the status of DNSSEC adoption by ccTLDs worldwide here.
Signing the domain and installing security keys in the root zone of the DNS is only a first step to more widespread DNSSEC deployment, but it’s an important one. Incentivizing registrants to sign their domains is also crucial, as is encouraging ISPs to enable DNSSEC validation in the recursive resolvers they provide to their subscribers.
You can continue to observe the steady increase in ccTLD DNSSEC adoption and DNSSEC validation adoption via our Pulse Enabling Technologies page.
Learn more about DNSSEC.
What is the DNS?
Just about every Internet communication starts with a Domain Name System (DNS) lookup. The DNS is an essential piece of Internet infrastructure that translates human-friendly names (internetsociety.org) into computer-friendly numbers (2001:41c8:20::b31a). Like many other Internet components, the DNS started without any security features in a vastly different Internet landscape. Today, security and trustworthiness are vital foundations for the ongoing evolution and growth of a robust Internet that benefits users everywhere. DNS Security Extensions (DNSSEC) was developed to provide an additional level of security using cryptographic techniques to validate the authenticity of DNS information.