[ksk-change] planned vs. emergency (was Re: [ksk-rollover] root zone KSK ...)

David Conrad david.conrad at icann.org
Tue Sep 23 16:58:56 UTC 2014


On Sep 23, 2014, at 1:05 AM, Olaf Kolkman <kolkman at isoc.org> wrote:
> It is not about if we will being a doing a key rollover but about when. 

Actually, I’d say it is about:
- what do we want to do in addition to rolling the key (e.g., longer key size, change algorithms, add more keys, etc)
- the exact methodology by which we will roll the key.
- how frequently will we roll the key
- what’s going to break when we roll the key (and how do we mitigate/remedy that breakage)

I see the “when” bit as a relatively minor detail once we get the above ironed out.

> Fair. It is probably good for somebody to conclude that brainstorming phase at some point and summarize what has been said.

I’m still seeing “brain squalls”, so I don’t think we’re at a summarization point as yet (but that might just be me)..


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20140923/23bfe244/signature.asc>

More information about the ksk-rollover mailing list