[ksk-rollover] thoughts to the list as requested
Michael Richardson
mcr+ietf at sandelman.ca
Tue Apr 2 20:53:21 UTC 2019
Joe Abley <jabley at hopcount.ca> wrote:
>> I think that may be situations which pre-publication of standby keys might not
>> mitigate. I think that we won't be sure until we write down the reasons for
>> an emergency key-roll. As a small detail; who would make that call, and how
>> much time would they have to make the decision?
> I suspect this is not the right list to conduct a design exercise.
> The question of who gets to declare a compromise, how they would decide
> to do so and how much time they would have to make the decision are (I
> think) IANA, unknown and unknown. This is a good example of interesting
> work that is much easier to contemplate once the KSK is rolling
> regularly and unremarkably.
What if our current roll process (which we will have been rehearsing a lot),
can not cope with the resulting answers?
--
Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20190402/2c040912/signature.asc>
More information about the ksk-rollover
mailing list