[ksk-rollover] Why keep old private keys?

Jakob Schlyter jakob at kirei.se
Wed Apr 3 19:56:27 UTC 2019

The DNSSEC Practice Statement for the Root Zone KSK Operator [1] section 
6.5 says:

    After a RZ KSK has been removed from the key set, it will be 
    after its operational period until the next scheduled key ceremony,
    when the private component will be destroyed in accordance with
    section 5.2.10.

And section 5.2.10 says:

    When required, the RZ KSK Operator destroys RZ KSK private keys in a
    manner that reasonably ensures that there are no residual remains of
    the keys that could lead to the reconstruction of the keys.  The RZ
    KSK Operator utilizes the zeroization function of its hardware
    security modules and other appropriate means to ensure the complete
    destruction of RZ KSK private keys.  When performed, private key
    destruction activities are logged as part of a key ceremony.

As I understand this, PTI is bound by the DPS to destroy the previous 
KSK at "the next scheduled key ceremony" or update the DPS to state 


[1] https://www.iana.org/dnssec/icann-dps.txt

More information about the ksk-rollover mailing list