[Pkg-dns-devel] Bug#877683: Bug#877683: jessie version of dns-root-data lacks new ksk in root.ds
Robert Edmonds
edmonds at debian.org
Thu Oct 19 15:50:48 UTC 2017
Sergio Gelato wrote:
> Package: dns-root-data
> Version: 2017072601~deb8u1
> Severity: serious
>
> The version of this package that is currently in jessie-updates still only
> lists the old key 19036 in /usr/share/dns/root.ds.
Confirmed, I see the two keys in /usr/share/dns/root.key but not in
root.ds.
> If I understood correctly,
> starting a week from now the root zone will only be signed with the new key
> 20326.
The root KSK rollover was postponed:
https://www.icann.org/news/announcement-2017-09-27-en
The root zone is currently being signed with the same KSK it always has
been signed with.
The roll might be re-scheduled and performed in the first quarter of
2018, but there is currently no definite date for the rollover.
--
Robert Edmonds
edmonds at debian.org
More information about the pkg-dns-devel
mailing list