[ksk-rollover] thoughts to the list as requested

Michael Richardson mcr+ietf at sandelman.ca
Tue Apr 2 20:53:21 UTC 2019


Joe Abley <jabley at hopcount.ca> wrote:
    >> I think that may be situations which pre-publication of standby keys might not
    >> mitigate.  I think that we won't be sure until we write down the reasons for
    >> an emergency key-roll.  As a small detail; who would make that call, and how
    >> much time would they have to make the decision?

    > I suspect this is not the right list to conduct a design exercise.

    > The question of who gets to declare a compromise, how they would decide
    > to do so and how much time they would have to make the decision are (I
    > think) IANA, unknown and unknown. This is a good example of interesting
    > work that is much easier to contemplate once the KSK is rolling
    > regularly and unremarkably.

What if our current roll process (which we will have been rehearsing a lot),
can not cope with the resulting answers?

--
Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20190402/2c040912/signature.asc>


More information about the ksk-rollover mailing list