[ksk-rollover] Starting discussion on acceptable criteria for proceeding with the root KSK roll

David Conrad david.conrad at icann.org
Fri Jan 5 01:32:30 UTC 2018


Carlos,

On January 4, 2018 at 4:31:18 PM, Carlos Marcelo Martinez Cagnazzo (carlosm3011 at gmail.com) wrote:
The problem is, and Jacques said it much better than me, it’s the uncertainty. “Over soon” could be “we will not roll until 2020”, or “we will roll once the numbers for ksk2010 fall below X%”

Sorry, I’m a bit confused: are you saying the uncertainty is due to the lack of definitive criteria to move forward or that people are not certain that we will move forward?

This uncertainty every quarter will, IMO, seriously erode trust in DNSSEC.

TBH, I’m struggling a bit with this assertion. Whose trust is being eroded?

Again, just echoing here something already mentioned in this thread, I also believe some amount of collateral damage seems unavoidable if we’re to ever roll the key. The question is how much.

And this is precisely the question that we’re trying to get answered. We absolutely know we’re going to break some resolver's ability to validate — the 8145 reports provide concrete proof. We have no idea what the collateral damage will be — we don’t even know how many people behind those resolvers will be impacted.

You and others appear to be saying that we should ignore that question (which calls into question the point of SAC-063 recommendation 3). I’m unsure this would be viewed by the wider community as prudent and I suspect it has the potential to more seriously erode the trust in DNSSEC than postponing the key roll has.

And no, I’m not a big risk taker, actually shame on me for that.

Err, but you’re saying roll sooner even without data — doesn’t that imply taking an unmeasured risk?

Regards,

-drc
