Since the handling of the KSK came up in our discussions, people might be interersted in the following announcement: ICANN Announces 2015 Hardware Security Module Replacement Project for the Root Key Signing Key <https://www.icann.org/news/announcement-3-2015-03-23-en> Regards, jaap