[ksk-rollover] [Ext] Re: Starting discussion on acceptable criteria for proceeding with the root KSK roll
Doug Barton
dougb at dougbarton.email
Wed Jan 10 00:21:02 UTC 2018
On 01/08/2018 11:35 PM, Jakob Schlyter wrote:
> Adding has an emergency rollover key (as described by Mike) has been
> considered several times over the years, but has been rejected every
> time due to how the primary key is protected and maintained. No failure
> scenario has been identified where it wouldn't be possible to recover
> from a failure and still maintain public transparency.
Does that include a scenario where the algorithm used by the current key
is unexpectedly broken? (Commonly referred to as alg failure)
Doug
More information about the ksk-rollover
mailing list