[ksk-rollover] [Ext] Re: Starting discussion on acceptable criteria for proceeding with the root KSK roll

Doug Barton dougb at dougbarton.email
Wed Jan 10 00:21:02 UTC 2018

On 01/08/2018 11:35 PM, Jakob Schlyter wrote:

> Adding has an emergency rollover key (as described by Mike) has been 
> considered several times over the years, but has been rejected every 
> time due to how the primary key is protected and maintained. No failure 
> scenario has been identified where it wouldn't be possible to recover 
> from a failure and still maintain public transparency. 

Does that include a scenario where the algorithm used by the current key 
is unexpectedly broken? (Commonly referred to as alg failure)


More information about the ksk-rollover mailing list