Happy holidays from ISC!
ISC is fortunate to have staff members in so many different countries around the world: our software development benefits from all the different perspectives - and we benefit personally!
Read post
Many of you may already be aware of yesterday’s announcement from ICANN concerning the postponement of one of the steps in the currently in-progress root zone KSK rollover.
Specifically, they have announced that the 11 October 2017 date that was planned for the retirement of KSK-2010 will be postponed for at least three months because root zone trust anchor telemetry data sent by servers running BIND 9 and other DNS server software indicates that many operators are still unprepared for the change and using soon-to-be-retired trust anchors.
To help our users be sure that they are prepared for the transition when it occurs, we have prepared an Operational Notification: KSK-2010 will be retired from the root zone, potentially affecting validating resolvers.
If you are operating a server which performs DNSSEC validation, we suggest that you take a few moments to read the notification and follow its suggestions to ensure that you are prepared when ICANN resumes the root KSK rollover.