[ksk-rollover] Why keep old private keys?

[Geoff Huston]

> On 4 Apr 2019, at 6:56 am, Jakob Schlyter <jakob at kirei.se> wrote:
> As I understand this, PTI is bound by the DPS to destroy the previous KSK at "the next scheduled key ceremony" or update the DPS to state otherwise.
> 

I am aware of this, but I am also aware that not every thought I had back in 2008 or so is true today. With hindsight I am sure that many thoughts I had back then were not true then or now!

I’m not in favour of retaining KSK-2010 forever - but I think destroying it in the next regularly scheduled key ceremony abruptly curtals the deployment of any possible tools that may allow reactivation of a dormant resolver to boot itself into a trust relationship with the current key based on its obe trust in a prior key. It would be preferable imho to have some time to think about this issue some more. It may turn out to be  be silly or impractical, in which case the delay in the key's destruction has not had any particular downside. but there is the possibility that such a tool may be feasible, which would remove one more impediment to a regular and frequent KSK roll. Previously I suggested to pause the destruction process 24 months. Still seems like a small time penalty to pay to allow us a bit more think time here.

So, as is evident from my response, I don't believe that the DPS is chiseled in an immutable granite slab. I think it can and should be changed as required to reflect an evolving understanding of our currently known requirements for KSK management in the root zone.

Geoff