Home Security Cybersecurity Root Zone KSK (Key Sign Key) Rollover to resolve DNS queries was...

Root Zone KSK (Key Sign Key) Rollover to resolve DNS queries was successfully completed

October 12, 2018 - 5:28 am

2174

2 min read

Yesterday, ICANN (Internet Corporation for Assigned Names and Numbers) announced that the root KSK roll has occurred at 1600 UTC.

ICANN is an organization that ensures a stable, secure and unified global Internet by coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet.

What is a Root KSK (Key Sign Key) Rollover?

The KSK is used to cryptographically sign the Zone Signing Key (ZSK), which is used by the Root Zone Maintainer to DNSSEC-sign the root zone of the Internet’s DNS.

Rolling the KSK means generating a new cryptographic public and private key pair and distributing the new public component to parties who operate validating resolvers including,

Internet Service Providers
Enterprise network administrators and other Domain Name System (DNS) resolver operators
DNS resolver software developers
System integrators, and
Hardware and software distributors who install or ship the root’s ‘trust anchor’

Maintaining an up-to-date KSK is important to ensure that DNSSEC-validating DNS resolvers continue to function following the rollover. Failure to have the current root zone KSK will mean that DNSSEC-validating DNS resolvers will be unable to resolve any DNS queries.

Failure to have the current root zone KSK will mean that DNSSEC-validating DNS resolvers will be unable to resolve any DNS queries.

Details of the KSK Rollover

KSK Rollover operations started in October 2016 and were scheduled for October 2017. However, ICANN announced that the rollover has been postponed stating, “a significant number of resolvers used by Internet Service Providers (ISPs) and Network Operators are not yet ready for the Key Rollover.”

Later, a draft plan was announced on February 1, 2018, after receiving input from the community. The date put forward to initiate the procedure was October 11, 2018. Per ICANN, the rollover is necessary to curb the rising number of cyber attacks.

In an official statement, Communications Regulatory Authority said, “To further clarify, some internet users might be affected if their network operators or Internet Service Providers (ISPs) have not prepared for this change. However, this impact can be avoided by enabling the appropriate system security extensions.”.

To know more about this news in detail, visit the main rollover page on ICANN’s website.

Top 6 Cybersecurity Books from Packt to Accelerate Your Career

Your Quick Introduction to Extended Events in Analysis Services from Blog…

Logging the history of my past SQL Saturday presentations from Blog…

Storage savings with Table Compression from Blog Posts – SQLServerCentral

Daily Coping 31 Dec 2020 from Blog Posts – SQLServerCentral

Learning Essential Linux Commands for Navigating the Shell Effectively

Exploring the Strategy Behavioral Design Pattern in Node.js

How to integrate a Medium editor in Angular 8

Implementing memory management with Golang’s garbage collector

How to create sales analysis app in Qlik Sense using DAR…

Root Zone KSK (Key Sign Key) Rollover to resolve DNS queries was successfully completed

What is a Root KSK (Key Sign Key) Rollover?

Details of the KSK Rollover

Read Next

Must Read in Security

Top 6 Cybersecurity Books from Packt to Accelerate Your Career

Win-KeX Version 2.0 from Kali Linux

Kali Linux 2020.3 Release (ZSH, Win-Kex, HiDPI & Bluetooth Arsenal) from...

Interviews

Learn Transformers for Natural Language Processing with Denis Rothman

Clean Coding in Python with Mariano Anaya

Bringing AI to the B2B world: Catching up with Sidetrade CTO Mark Sheldon [Interview]

On Adobe InDesign 2020, graphic designing industry direction and more: Iman Ahmed, an Adobe Certified Partner and Instructor [Interview]

Is DevOps experiencing an identity crisis? [Interview]

MobilePro

datapro

Programming

Subscribe to our newsletter