ICANN approves plan to change DNS root key

The Internet Corporation of Assigned Names and Numbers (ICANN) has approved plans to change the cryptographic key which protects the Domain Name System (DNS).

This will be the first time the key for the DNS will be changed following its implementation in 2010.

The key will be changed or “rolled” on 11 October 2018, and some Internet users may be affected if their ISPs have not prepared for the roll.

“There is no way of completely assuring that every network operator will have their resolvers properly configured, yet if things go as anticipated, we expect the vast majority to have access to the root zone,” said ICANN board chair Cherine Chalaby.

“It is almost certain there will be at least a few operators somewhere across the globe who won’t be prepared, but even in the worst case, all they have to do to fix the problem is turn off DNSSEC validation, install the new key, and re-enable DNSSEC and their users will again have full connectivity to the DNS.”

This is not the last DNS root key change, as the key will continue to be “rolled” regularly to improve security.

Now read: The best public DNS services to use in South Africa

Latest news

Partner Content

Show comments


Share this article
ICANN approves plan to change DNS root key