[gtld-tech] .DESI to Be Placed in the Emergency Back-end Registry Operator Program

[Wes Hardaker]

Dr Eberhard W Lisse via gtld-tech <gtld-tech at icann.org> writes:

> Pardon my ignorance, but would such a roll at transfer not require the
> collaboration of the losing Registry?

[Note: though I'm on the ICANN board, I'm both not speaking for the
board and I don't have any direct knowledge of the situation of this
particular event in the first place -- I'm speaking purely from a
technical and personal perspective only]

That's certainly the core of the problem, but the answer depends on a
lot of things like the signature timing of the current records, the TTLs
of those records and the DS record, etc.  You can do things to minimize
the impact if you don't have the original DNSKEY but it may not be
trivial if the timing constraints don't let you do something safer.
Certainly one thing you shouldn't do at the same time is an algorithm
roll, as that would increase the complexity significantly.

-- 
Wes Hardaker
USC/ISI