[ksk-rollover] thoughts to the list as requested
jabley at hopcount.ca
Tue Apr 2 20:56:21 UTC 2019
On 2 Apr 2019, at 16:53, Michael Richardson <mcr+ietf at sandelman.ca> wrote:
> Joe Abley <jabley at hopcount.ca> wrote:
>>> I think that may be situations which pre-publication of standby keys might not
>>> mitigate. I think that we won't be sure until we write down the reasons for
>>> an emergency key-roll. As a small detail; who would make that call, and how
>>> much time would they have to make the decision?
>> I suspect this is not the right list to conduct a design exercise.
>> The question of who gets to declare a compromise, how they would decide
>> to do so and how much time they would have to make the decision are (I
>> think) IANA, unknown and unknown. This is a good example of interesting
>> work that is much easier to contemplate once the KSK is rolling
>> regularly and unremarkably.
> What if our current roll process (which we will have been rehearsing a lot),
> can not cope with the resulting answers?
Well, the opposite ordering involves designing a policy framework for a rollover that you don't know how to execute, which seems like more of a problem.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 195 bytes
Desc: Message signed with OpenPGP
More information about the ksk-rollover