The 5th edition of the national DNS (Domain Name System) Forum, organized by the National Agency for Information and Communication Technologies (ANTIC), is currently taking place in Douala. The forum’s theme is “DNS and digital sovereignty: building a secure and confident internet around .cm,” and it gathers ICT experts to discuss critical aspects of internet security and trust.In his opening speech, ANTIC’s Director General, Professor Ebot Ebot Enaw, highlighted a significant step toward digital sovereignty: the cryptographic signing of the .cm zone using the DNS Security Extensions (DNSSEC). “Allow me to share with you a moment of national pride recorded on 8 April 2025, a date that will forever remain engraved in the annals of Cameroon’s digital history. On that day, ANTIC, Cameroon’s ‘.cm’ Internet extension administrator, achieved a major milestone by cryptographically signing the ‘.cm’ zone following the implementation of the DNSSEC security extension.”DNSSEC is a crucial security protocol. As highlighted by Bouba Bame Rachinda, Chief of Governance Unit at ANTIC, its goal is to ensure the integrity of data transmitted via the DNS. It combats attacks like cache poisoning, where an attacker could redirect a user from a legitimate site (e.g., `crtv.cm`) to a fraudulent one to steal credentials or compromise information. The signing of the `.cm` zone assures users of the authenticity of Cameroonian websites.While signing the `.cm` zone is a major technical achievement, the Director General stressed that it’s only the first step. For the security to be effective, the entire chain of trust must function, meaning DNSSEC validation must be enabled on the side of DNS resolvers used by Internet Service Providers (ISPs) and operators.
Professor Ebot Enow shared key statistics revealing the urgent need for collective action:Region/Entity DNSSEC Validation Rate Worldwide Average 59.84% ,Africa Average 47.77% Cameroon National Average 56.60%,MTN 99.75% ,CAMTEL 73.52%,CREOLINK 25.35%,Orange Cameroon 2.75% , Other Stakeholders 0% . “I am highlighting the DNSSEC validation figures in a bid to make it clear that having a DNSSEC-signed zone is not sufficient; it is equally essential for validation to be enabled on the DNS resolvers’ side and this is the major challenge for our operators today.”The forum’s scope has been intentionally broadened to include routing security through the Resource Public Key Infrastructure (RPKI). RPKI is a framework that cryptographically validates Internet routing announcements, specifically the Border Gateway Protocol (BGP), to protect networks from route hijacking. It essentially connects IP address blocks and Autonomous System Numbers (ASNs) to their rightful owners.Globally, only 27% of networks actively validate BGP announcements, and 50% of IP prefixes are covered by RPKI.However,ANTIC has set ambitious but achievable goals to position Cameroon at the forefront of DNS and BGP security:98% DNSSEC validation across all active telecommunications operators and ISPs in Cameroon.100% RPKI implementation for all Cameroonian operators.These targets are set to be achieved by the first half of 2026 Achieving them will significantly strengthen Cameroon’s digital sovereignty and enhance user security against DNS and BGP hijacking attacks.Nevertheless,forum participants also emphasized the need to build trust in the local .cm domain and to encourage the hosting of national data within Cameroon.Moussa Stephen, a participant, underscored that DNS is a critical infrastructure for every online transaction, translating domain names like `google.cm` into IP addresses. He noted that the original DNS protocol lacked embedded security, making DNSSEC implementation vital. He and Ms. Rachinda highlighted two challenges: People are not fully aware of the importance of having local domain names .cm` and the security provided by DNSSEC. Many individuals and companies still prefer international extensions like `.com` or `.net`, leading to a significant portion of national data being stored outside the continent.ANTIC believes that the signing of the `.cm` zone, along with ongoing awareness campaigns, will instill the necessary trust and drive registrars and clients to adopt the secure, local .cm domain, building a safer and more resilient digital Cameroon. The number of registered `.cm` domain names has already grown from 15,000–20,000 a few years ago to over 33,000 today, showing positive progress.
Visionary Reports 
Leave a comment