Negligible impact seen on internet service due to upgradation of keys at servers: ICANN

ICANN has announced in July 2016 to upgrade cryptographic keys that are required to access the security system of website names, called Domain Name System Security Extensions (DNSSEC).

Published: 12th October 2018 09:33 PM  |   Last Updated: 12th October 2018 09:33 PM   |  A+A-

internet, net neutrality, open web, world wide, cable, hardware, hacking

Image used for representational purpose


NEW DELHI: Global Internet body ICANN said on Friday that it has noted only a handful case where Net services might have affected adversely due to the upgradation of 'keys' at vital web servers that took place on October 11.

"It is now about 20 hours since the rollover and based on all information we have, everything is going smoothly.

There have been only a small handful of reports of issues suspected to be caused by the rollover.

In all cases it appears the impact was minor and the issues were quickly resolved," an ICANN spokesperson told PTI.

ICANN has announced in July 2016 to upgrade cryptographic keys that are required to access the security system of website names, called Domain Name System Security Extensions (DNSSEC).

When an internet user types a website on his browser, the broadband or Internet modem transmits that name to a system called resolver-- which converts the website name in to numeric form containing code and server address of the website.

ICANN has asked all internet service providers to upgrade their software that resolves the website name in to digital code and directs the traffic to right server.

DNSSEC is an additional layer which validates the website name has been converted correctly.

The keys required to accesses the DNSSEC central server system called root zone were implemented in 2010 and hence were required to be upgraded for protection.

The transition was planned for October 11 , 2017 but was deferred by a year due to unclear data received just before the rollover.

Before running the system upgrade, ICANN had estimated that more than 99 per cent of users whose system are validating DNSSSEC will be unaffected by the rollover while the body that handles website name allocation in Asia, Regional Internet Registry for the Asia Pacific region (APNIC) had estimated that only 0.

05 per cent of Internet users would be negatively affected by the transition.

The ICANN spokesperson said no one can know definitively which operators have enabled DNSSEC validation on their resolvers, and because no one but the operator can tell if a resolver with DNSSEC validation enabled was ready for the rollover.". no one could know exactly which users might be affected by the KSK rollover and where they would be," the spokesperson said.

However, Internet service providers whose system did not perform DNSSEC validation function will not be impacted by the transition at all.

According to ICANN estimates are that about two-thirds of users are behind resolvers that do not yet perform DNSSEC validation.

Stay up to date on all the latest Business news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp