DNS Root KSK rollover happened Oct. 11 and will tighten security for the internet’s address book.
By Michael Cooney
Network World | OCT 12, 2018 8:20 AM PT
So far, so good. That’s the report from Internet Corporation for Assigned Names and Numbers (ICANN) as it rolled out the first-ever changing of the cryptographic key that helps protect the internet’s address book – the Domain Name System (DNS) on Oct. 11.
The change is central to ICANN’s project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol — commonly known as the root zone key signing key (KSK) — which secures the internet's foundational servers. This so-called root KSK rollover from the 2010 KSK to the 2017 KSK was supposed to take place almost a year ago but was delayed until Oct. 11 of this year because of concerns it might disrupt internet connectivity to significant numbers of web users.
But so far, that hasn't happened.
ICANN wrote: “The root KSK rollover has occurred: the new root zone signed by new KSK (known as KSK-2017) has been published to the root servers. The root KSK rollover occurred at 1600 UTC [noon EST] today, 11 October, with the publication of the root zone with serial number 2018101100. Please see the main rollover page for further information on the rollover.”
The KSK rollover involved generating a new cryptographic public and private key pair and distributing the new public component to parties who operate validating resolvers, according to ICANN. Such resolvers run software that converts typical addresses like networkworld.com into IP network addresses.
Resolvers include: internet service providers, enterprise network administrators and other DNS resolver operators, DNS resolver software developers; system integrators, and hardware and software distributors who install or ship the root's "trust anchor," ICANN said.
Internet Corporation for Assigned Names and Numbers
The Internet Corporation for Assigned Names and Numbers is a nonprofit organization responsible for coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet, ensuring the network's stable and secure operation. ICANN performs the actual technical maintenance work of the Central Internet Address pools and DNS root zone registries pursuant to the Internet Assigned Numbers Authority (IANA) function contract. The contract regarding the IANA stewardship functions between ICANN and the National Telecommunications and Information Administration (NTIA) of the United States Department of Commerce ended on October 1, 2016, formally transitioning the functions to the global multistakeholder community.
The multistakeholder model is used in Internet governance by entities such as the ICANN and IETF It has been the foundation of local governance entities such as New York City's Community Boards.
Norbert Bollow, co-coordinator on the Civil Society Internet Governance Forum distinguishes between "representative" multistakeholderism, using as examples the United Nation's MAG and ECWG, in which a limited number of seats are distributed to representatives through some selection process, and "open" multistakeholderism, as represented by the IETF and RIRs, which relies on participants self-selecting to balance perspectives.
ICANN's creation was announced publicly on September 17, 1998 ,and it formally came into being on September 30, 1998, incorporated in the U.S. state of California. Originally headquartered in Marina del Rey in the same building as the University of Southern California's Information Sciences Institute (ISI)], its offices are now in the Playa Vista neighborhood of Los Angeles.
Announced publicly on September 17, 1998
Founded September 18, 1998
Formally came into being on September 30, 1998
Founded by Jon Postel
Jonathan Bruce Postel August 6, 1943 – October 16, 1998)
On July 26, 2006, the United States government renewed the contract with ICANN for performance of the IANA function for an additional one to five years. The context of ICANN's relationship with the U.S. government was clarified on September 29, 2006 when ICANN signed a new Memorandum of Understanding with the United States Department of Commerce (DOC). This document gave the DOC oversight over some of the ICANN operations.
During July 2008, the DOC reiterated an earlier statement that it has "no plans to transition management of the authoritative root zone file to ICANN". The letter also stresses the separate roles of the IANA and VeriSign.
On September 30, 2009, ICANN signed an agreement with the DOC (known as the "Affirmation of Commitments") that confirmed ICANN's commitment to a multistakeholder governance model, but did not remove it from DOC oversight and control.
On March 10, 2016, ICANN and the DOC signed a historic, culminating agreement to finally remove ICANN and IANA from the control and oversight of the DOC. On October 1, 2016, ICANN was freed from U.S. government oversight.
We need to talk… about the state of internet governance
By Jamal Shahin 10/12/2018
Co-director of the GREMLIN project at the United Nations University/Vrije Universiteit Brussel and Assistant Professor at the University of Amsterdam
In about a month, some of the key stakeholders in internet governance will come together in Paris and talk about the public policy challenges facing the internet in 2018 and beyond. They will do so at the Internet Governance Forum, a UN-supported platform that will meet for the thirteenth time this year.
The IGF traditionally brings different groups of stakeholders into a large conference centre, and provides for the opportunity for these different stakeholders to discuss: the idea being that understanding, consensus and collaboration will emerge between these different communities.
Internet Governance Forum (IGF) 2018
The Internet Society, together with the United Nations University GREMLIN project, invite you to join us for an evening of networking in Brussels before this year’s Internet Governance Forum (IGF) in Paris on 12-14 November.
The thirteenth Annual Meeting of the Internet Governance Forum (IGF) will be hosted by the Government of France at the headquarters of UNESCO in Paris from 12 to 14 November 2018.
Multistakeholderism: a vivid term with many meanings
The IGF model of multistakeholderism is one of a plethora of different approaches to engaging with actors beyond states in questions of global governance. Some rely more on governments, other processes rely on technical expertise, others have come and gone. Others, like the Internet Society, tend to refer to multistakeholder approaches, rather than one model.