[ksk-change] Keeping two KSK keys long term

Tomofumi Okubo tomofumi.okubo at gmail.com
Thu Oct 2 21:13:57 UTC 2014

Hello Paul,

> On Thu, Oct 2, 2014 at 12:11 PM, Paul Hoffman <paul.hoffman at vpnc.org> wrote:
> 1) Is there an advantage to having two long-term KSKs in the same facilities that we have now?

Yes. I mentioned this before, but the backup key could reside on different HSMs. This will prevent vendor lock-in and reduce the risk of all HSMs going bad at once for some reason (critical flaw, etc.).

> 2) Is there sufficient funding to have an additional facility (or two) for the additional KSK?

I'm not sure about this one...

Just FYI, to build a facility from scratch, it will take at least 6 - 8 months. To update the policies and procedures in a manner that won't affect the third-party audit, it will take at least another 6 months, including the inspection by the auditors.

