[ksk-change] planned vs. emergency (was Re: [ksk-rollover] root zone KSK ...)
Michael StJohns
msj at nthpermutation.com
Sun Sep 21 17:27:28 UTC 2014
On 9/21/2014 11:41 AM, Joe Abley wrote:
> One way that an emergency roll is different from a planned roll is that a planned roll can make use of existing non-compromised KSKs and their corresponding trust anchors, whereas an emergency roll (where the emergency is a consequence of a key compromise) might not have that luxury.
This is probably not the definition the rest of us are using.
Emergency: Action taken because a key is compromised. Planned: Action
taken because its time to do so. The state of the key data set is
orthogonal to whether a key change is planned or emergency, but has a
substantial affect on the actions taken during the key change.
Mike
More information about the ksk-rollover
mailing list