Nameservers and TLDs supported/unsupported by DNSSEC

All the components of the DNS resolving system must be DNSSEC-“signed” or capable in order to receive a DNSSEC authenticated DNS response. 

These elements include:

  • Top Level Domain (TLD), such as a “.com” for example, must be DNSSEC-signed or compatible. We have 14 DNSSEC-signed extensions that support it.
  • DNS that the domain uses must be DNSSEC capable.


All these elements should be in place and be working properly in order to receive a DNSSEC- authenticated response from the DNS system.


Here is the list of the TLDs that support DNSSEC:

  • .com
  • .net
  • .info
  • .io
  • .bid
  • .cloud
  • .college
  • .design
  • .feedback
  • .security
  • .top
  • .trade
  • .webcam
  • .xyz
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

What is DNSSEC?

Understanding DNSUnderstanding DNSSEC first requires basic knowledge of how the DNS system...

What is domain redemption status?

Redemption is the status that most TLDs will enter if they have not been renewed in time.  When...

What is Dynamic DNS?

Dynamic DNS feature is available only for domains pointed our BasicDNS, BackupDNS, PremiumDNS...

What is FreeDNS?

Free DNS is a DNS hosting service provided to help people whose domain registrars did not include...

What is URL Frame feature?

URL Frame (also known as URL masking or URL cloaking) is similar to URL Redirect except that...