Nameservers and TLDs supported/unsupported by DNSSEC

All the components of the DNS resolving system must be DNSSEC-“signed” or capable in order to receive a DNSSEC authenticated DNS response. 

These elements include:

  • Top Level Domain (TLD), such as a “.com” for example, must be DNSSEC-signed or compatible. We have 14 DNSSEC-signed extensions that support it.
  • DNS that the domain uses must be DNSSEC capable.


All these elements should be in place and be working properly in order to receive a DNSSEC- authenticated response from the DNS system.


Here is the list of the TLDs that support DNSSEC:

  • .com
  • .net
  • .info
  • .io
  • .bid
  • .cloud
  • .college
  • .design
  • .feedback
  • .security
  • .top
  • .trade
  • .webcam
  • .xyz
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What is DNSSEC?

Understanding DNSUnderstanding DNSSEC first requires basic knowledge of how the DNS system...

What is Dynamic DNS?

Dynamic DNS feature is available only for domains pointed our BasicDNS, BackupDNS, PremiumDNS...

What is FreeDNS?

Free DNS is a DNS hosting service provided to help people whose domain registrars did not include...

What is DNS (domain name server)?

Domain Name Server - computer that translates human-friendly URLs (words) into computer-friendly...

What is URL Redirect and how does it work?

URL Redirect (sometimes known as URL Forwarding) is a technique which can be used to redirect a...