Dnssec

The Domain Name System Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. It is a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality.
Posts about Dnssec
    • Root crypto rollover now slated for October

      ICANN has penciled in October 11 as the new date for rolling the DNS root’s cryptographic keys, a delay of a year from its original plan. The so-called KSK rollover will see ICANN remove the deprecated 2010 Key Signing Key, leaving only the 2017 KSK active. The KSK acts as the “trust anchor” for DNSSEC across the whole internet.

      Kevin Murphy/ DomainIncite- 16 readers -
  • Second delay for domain security key rollover

    … ICANN has decided to delay changing the security keys to the DNS for the second time. The “KSK Rollover” had been rescheduled from October 11 to some time in the first quarter 2018, but that will no longer happen. We’re now looking at Q3 at the earliest. “We have decided that we do not yet have enough information to set a specific date…

    Kevin Murphy/ DomainIncite- 8 readers -
  • ICANN just came thiiis close to breaking the internet

    … ICANN has decided to postpone an unprecedented change at the DNS root after discovering it could break internet for potentially millions of users. The so-called KSK Rollover was due to go ahead on October 11, but it’s now been pushed back to — tentatively — some time in the first quarter 2018. The delay was decided after ICANN realized…

    Kevin Murphy/ DomainIncite- 18 readers -
  • IANA boss quits ICANN

    … The head of IANA is to leave the organization, ICANN announced this week. Elise Gerich, currently vice president of IANA Services at ICANN and president of Public Technical Identifiers (PTI), will leave in October, according to a blog post. She’ll stick around long enough to oversee the DNS root’s first DNSSEC Key-Signing Key rollover, which…

    Kevin Murphy/ DomainIncite- 18 readers -
  • Hacker hostage crisis at ICANN secret key ceremony! (on TV)

    … (which are real) to watch the show and explain to me what bits reflect reality and what was plainly bogus. “There are some points about it that are quite close to how the how the root KSK administration works,” he said, describing the depiction as “kind of surreal”. “But then they take it not one but two steps further. The way the ceremony happens…

    Kevin Murphy/ DomainIncite- 21 readers -
  • ICANN to flip the secret key to the internet

    … to the complexity of the process, and the risk that something might go wrong, the move is to be announced in the coming days even though the new public key will not replace the existing one until October 2017. The KSK is a cryptographic key pair used to sign the Zone Signing Keys that in turn sign the DNS root zone. It’s basically at the top of the DNSSEC…

    Kevin Murphy/ DomainIncite- 13 readers -