For the first time ever, the Internet Corporation for Assigned Names and Numbers (ICANN) is about to change the cryptographic keys that help secure the system which helps organise the Internet with the allotment of domain names such as .com, .org and .net- the Domain Name System (DNS).
This will ensure a safer Internet, but if network operators, Internet service providers and small networks do not make a small upgrade to their systems, they could end up getting locked out of the Internet, when the keys are changed on October 11, 2017.
Here is what is going to happen:
What is a cryptographic key?
The process of disguising information by scrambling it to make it unintelligible to an unauthorized person is called data encryption. The sequence that garbles the text that you write for an unintended recipient is called cryptographic key.
Why does ICANN’s main server use a cryptographic key?
To ensure that when you look up a website, you reach the address you wanted to reach.
This works like a bank locker. You have a key, and the bank has a key. When you want to access your locker, it will only open if both the keys are correct.
So when you type, say, moneycontrol.com, ICANN operated root server will provide the key for accessing “.com”, while the local moneycontrol.com server will provide the key for local domain, and only then can you access the website. This process takes only a few milliseconds and the end user hardly notices.
Why is this key being changed?
Because it’s not good for a cryptographic key to live forever. It is like any password, and needs to be changed sometimes.
Also, it is better to do this proactively rather than reactively in an emergency, says ICANN.
Who needs to know or make changes before the key is changed?
Internet service providers, enterprise network operators and others who operate DNSSEC validation. They will have to update their systems with the public part of the encryption key.
What’s the impact on Internet users?
If completed smoothly, there will be no visible change for the end user.
What could go wrong?
It is possible that all systems of the world may not be able to update with the new key/password changes or some software managing the Internet may not be able to function properly. In such a case, ICANN will reverse the changes to maintain a stable state of the Internet.
This could last indefinitely or until the issues are resolved and stability restored to the Internet again.
What will you see if your network operator hasn’t updated his system to adapt to the change?
You will not be able to access anything on the Internet, and a message such as “Page not found” could pop up.