The Organization for the Management of Domain Names and IP-addresses (ICANN) plans to hold on October 11 the first in the history of the Internet “key renewal for signing keys” (KSK). Cryptographic keys, explained on the organization’s website, serve as a protection for the Internet Domain Name System (DNS).
In ICANN, it is assumed that the consequences of a change in KSK in the root zone for users will be minimal. At the same time, it is possible that a small percentage of Internet users will experience difficulties with access to online resources. The reason, experts say, is related to the incorrect configuration of a number of recursive resolvers validating domain name system security extensions (DNSSEC).
However, more than 99% of users whose resolvers perform validation will not suffer from the update of KSK.
The final decision on the update will be made within the next week.