The system administrator (sysadmin) needs to update the software if he / she does not want to lose the network
Internet providers and system administrators (sysadmin) need to make sure they run updated software or they will have to risk losing their customers in October, DNS management organization ICANN warned.
Internet providers and system administrators (sysadmin) need to make sure they run updated software or they will have to risk losing their customers in October, DNS management organization ICANN warned.
Following the process starting in May 2016, the encryption key to secure the system domains will be updated for the first time.
After testing in May 2016, in February last, a new key record (Key Signing Key - KSK) was created for people to add to their software. The new key is then issued on DNS last month and will be used to log into the root zone for the first time on October 11, 2017 at 1600 UTC. At that time, those who do not use this key will be cut off from the Internet.
This change is the result of updating the Zone SInging Key (ZSK) to the longer 2048-bit RSA key, to provide higher security. Now it will be the same length as KSK and both will be recreated to create public and secret encryption keys to secure the Internet system.
KSK is used to log into ZSK, then used by RZM (Root Zone Maintainer) for the root zone in DNSSEC of DNS.
Only Internet infrastructure companies and network administrators need to consider this change, and Internet users do not need it.
The change is not difficult, as long as you use the update software and have enabled DNSSEC, the key will automatically update. Tests in May 2016 have been tested to make sure there will be no unwanted effects and thanks to the gradual release from that phase, Internet engineers can be confident that everything will go smoothly. . However, when it comes to global decentralized networks, it is still not certain what.
So this warning is essential for sysadmin
What if someone used old software or wanted to change KSK manually and failed? In that case, the DNS Resverver will stop working so anyone at the end of the connection will not be able to access the website they want. They can of course find their own way but it will take a lot of effort.
Internet infrastructure companies are also aware of the problem and plan the transition for months. But for system administrators, operating Resolver, developing DNS software or those who install Anchor Trust on Root as part of software or hardware and are worried about this conversion, ICANN has a test page KSK https://automated-ksk-test.research.icann.org/ and an information page for you to read. https://www.icann.org/resources/pages/ksk-rollover
You should read it
- 20 tools that every Sysadmin needs to know
- ICANN successfully changed the DNSSEC KSK key to enhance the security of the domain server system
- Introducing DNS Resolver 1.1.1.1
- 5 Linux commands every sysadmin needs to know
- Secure DNS connection with Windows Server 2008 R2 DNSSEC
- Things to know about a computer system administrator
- The life of a Linux system administrator
- How to Set Administrator Password
- What is Run as Administrator? Instructions for running with Administrator rights
- How to anonymize your Linux system with Whoami
- How to Make Yourself an Administrator on Any Windows System
- How to fix the error Run as Administrator does not work in Windows
Maybe you are interested
New Intel microcode '0x129' tested on Linux, did not show a major impact on performance Learn about Hamster AI: The best free all-in-one AI tool Why does opening MOV file have no image? How to fix? How to print Excel on 1 A4 page - Display full content on 1 page How to install HEVC and HEIF codecs on Windows 11 More than 60% of passwords are cracked by AI in less than 60 seconds