DNSSEC is Enabled in Saudi Arabia’s Arabic TLD (.السعودية)

As part of SaudiNIC’s activities for enhancing and protecting the national domain name space (.sa and .السعودية), SaudiNIC, on Tuesday 14 Jun 2016, activated DNSSEC for Saudi domain names under the IDN ccTLD (.السعودية). By this Saudi Arabia became the first gulf country that enabled DNSSEC in its domain names space. This step is part of a SaudiNIC plan to adopt and implement DNSSEC on Saudi domain name space. SaudiNIC invites ISPs, sensitive agencies (e.g., banks), hosting companies, and government agencies to review DNSSEC and figure out how it works. Then participate in the testing phase through registering an Arabic domain (under .السعودية), activating DNSSEC, and experimenting it prior to the official launch of the service which expected to be just before the end of this year (2016), God willing.

For Participation

Entities that are interested in participating in the testing phase please contact us at:
  • TryDNSSEC [at] nic.net.sa
or via the ticket system on our web site:

What is a DNSSEC?

The domain name system security extension (DNSSEC) is a set of technical specifications that uses digital signatures for securing and protecting data provided by the Domain Name System (DNS).
The initial design and use of the Domain Name System (DNS) did not incorporate security at all. However, with the increasing intrusions and the presence of some security holes in the existing DNS, the Internet Engineering Force (IETF) has produced a set of RFCs (Internet standards) to overcome these deficiency and called domain name system security extension (DNSSEC).

DNSSEC Benefits

  • It puts a mechanism for verifying the source of the information, and its validity.
  • It validates the existence or nonexistence of the information.
  • DNS Security protection of known attacks, e.g., Man in the middle attack, or cache poisoning.

SaudiNIC’s DNSSEC Deployment Phases

Since 2 years, CITC has begun executing internal projects in several phases. The initial phases involved conducting a study in how to adopt DNSSEC in the Saudi domain names. This was done through exploring some international experiences, and carefully studying international specifications and standards (RFCs). The study concluded by putting a roadmap that consisted of three main phases to adopt DNSSEC:
  • Phase 1: gain local experience.
  • Phase 2: launching trail operation.
  • Phase 3: the official launch of the service.