Stronger encryption key for the Internet DNS presented by VeriSign

On 1 October, VeriSign, the administrator of the Internet root zone, successfully presented the renewed encryption key – known as Zone Signing Key (ZSK) – for the Internet root zone. This follows the envisaged plan and timeline for increasing the strength of the signing key for the root zone, used for the DNSSec – a DNS protocol extension which ensures authentication for the domain name servers. The new key uses the 2048-bit RSA encryption, and is way stronger than the half-length 1024-bit key used previously. This transition, conducted by VeriSign in cooperation with ICANN, IANA and the US NTIA, ensures the more secure root zone, and is a beginning of a rollover of the more secured keys for all the Internet domains in the next months. It is expected that the next rollover could occur in 2022.