Can I get a list of the current ccTLDs that won't support ENS's DNSSEC integration?

@brantlymillegan and I are at And I’ve noticed that a few of the TLDs listed on the prior list are attending the conference. Can I get:

  1. The current list of ccTLDs that don’t have the correct DNSSEC settings.
  2. The exact details for the records that the ccTLD would need to change to make them work with ENS.

With both (1) and (2), I can then go pester those ccTLDs while they’re at the conference to add the appropriate DNSSEC records.

Update: this list is at:

The necessary DNSSEC algorithms supported by the TLD are:

  • RSASHA256 (recommended)
  • P257SHA256 (less good, but still works)