[ksk-rollover] Why keep old private keys?

Michael StJohns msj at nthpermutation.com
Thu Apr 4 19:58:21 UTC 2019

On 4/3/2019 4:24 PM, Geoff Huston wrote:
> I’m not in favour of retaining KSK-2010 forever - but I think destroying it in the next regularly scheduled key ceremony abruptly curtails the deployment of any possible tools that may allow reactivation of a dormant resolver to boot itself into a trust relationship with the current key based on its own trust in a prior key

I have yet to hear any credible approach that would allow a dormant 
resolver - WITHOUT SOFTWARE UPDATES - to boot itself into a trust 
relationship based on the prior key.  Seriously - if you're updating the 
software.... update the keys.

No dormant resolver knows how to get from the 2010 key to the 2017 key 
without replaying already signed RRsets over a period of 60-some-odd 
days.  The software does not support it.  And even then, you don't need 
the 2010 key - you just need the signatures it's already produced.

Seriously, delete the damn key already.  Or come up with a credible 
approach that doesn't begin with "maybe" or "I think" or "may allow" and 
that holds together through at least 4 email exchanges.

Hoarding is a sickness that we need not inflict on the DNS root of trust.

Later, Mike
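The replay Mike describes, as an added example that is not part of the post or of any resolver's code: a cut-down RFC 5011 trust-anchor state machine (add hold-down, REVOKE handling) fed with archived, already-signed DNSKEY RRsets. RRSIG verification is a stand-in here (an RRset validates when one of its signer key tags is a current trust anchor and the observation time falls inside the signature's validity window). The key tags 19036 and 20326 are the real tags of KSK-2010 and KSK-2017; the dates, the 21-day validity window and the observation cadence are constructed for the example and are not the real rollover schedule. RFC 5011 sets the add hold-down to 30 days. The archive holds only public keys and signature metadata, so the KSK-2010 private key plays no part in the replay; what the replay does need is observations that span the hold-down and a clock that sits inside each archived signature's validity window.

```python
"""Cut-down RFC 5011 trust-anchor state machine, replaying archived
(already signed) DNSKEY RRsets into a resolver that trusts only an old KSK.
Added example; not the mailing-list post's or any resolver's code."""
from dataclasses import dataclass
from datetime import datetime, timedelta

ADD_HOLD_DOWN = timedelta(days=30)      # RFC 5011 section 2.4.1
KSK_2010 = 19036                        # real key tag of the 2010 root KSK
KSK_2017 = 20326                        # real key tag of the 2017 root KSK


@dataclass(frozen=True)
class DnsKey:
    tag: int
    revoked: bool = False               # REVOKE flag bit, RFC 5011 section 2.1


@dataclass(frozen=True)
class SignedRRset:
    """A captured DNSKEY RRset with the key tags of the RRSIGs over it."""
    keys: tuple
    signer_tags: tuple
    inception: datetime
    expiration: datetime


class Rfc5011Resolver:
    def __init__(self, trust_anchors, hold_down=ADD_HOLD_DOWN):
        self.trusted = set(trust_anchors)
        self.hold_down = hold_down
        self.add_pending = {}           # key tag -> first seen (AddPend state)
        self.log = []

    def _validates(self, rrset, now):
        # Stand-in for RRSIG verification: a signer must be a trust anchor and
        # the validator's clock must fall inside the signature validity window
        # (RFC 4035 section 5.3.1). No private key is involved at any point.
        in_window = rrset.inception <= now <= rrset.expiration
        return in_window and any(t in self.trusted for t in rrset.signer_tags)

    def observe(self, rrset, now):
        """Feed one DNSKEY RRset seen (or replayed) at time `now`."""
        if not self._validates(rrset, now):
            self.log.append((now, "ignored: no trusted signer or outside validity window"))
            return False
        # A REVOKE-flagged key that signed this RRset itself leaves the trust set.
        for key in rrset.keys:
            if key.revoked and key.tag in rrset.signer_tags and key.tag in self.trusted:
                self.trusted.discard(key.tag)
                self.add_pending.pop(key.tag, None)
                self.log.append((now, f"revoked {key.tag}"))
        present = {k.tag for k in rrset.keys if not k.revoked}
        # AddPend -> Start: a pending key that disappears loses its timer.
        for tag in list(self.add_pending):
            if tag not in present:
                del self.add_pending[tag]
                self.log.append((now, f"{tag} missing, hold-down reset"))
        # Start -> AddPend: new keys start their add hold-down timer.
        for tag in present - self.trusted:
            self.add_pending.setdefault(tag, now)
        # AddPend -> Valid: promote once the hold-down has elapsed.
        for tag, first_seen in list(self.add_pending.items()):
            if now - first_seen >= self.hold_down:
                self.trusted.add(tag)
                del self.add_pending[tag]
                self.log.append((now, f"trust anchor added {tag}"))
        return True


def constructed_archive(t0):
    """Constructed replay archive of (rrset, observation time); the dates are
    illustrative, not the real root KSK rollover schedule."""
    day = lambda n: t0 + timedelta(days=n)
    old, new = DnsKey(KSK_2010), DnsKey(KSK_2017)
    rr = lambda n, keys, signers: SignedRRset(keys, signers, day(n), day(n + 21))
    return (
        # pre-publication: new key present, RRset signed only by the old key
        [(rr(n, (old, new), (KSK_2010,)), day(n)) for n in (0, 10, 20, 30, 40)]
        + [(rr(50, (old, new), (KSK_2010, KSK_2017)), day(50))]          # both sign
        + [(rr(60, (DnsKey(KSK_2010, True), new), (KSK_2010, KSK_2017)), day(60))]  # REVOKE
        + [(rr(70, (new,), (KSK_2017,)), day(70))]                        # old key gone
    )


def replay_full(t0=datetime(2017, 7, 1)):
    """Replay every archived observation in order."""
    r = Rfc5011Resolver({KSK_2010})
    for rrset, when in constructed_archive(t0):
        r.observe(rrset, when)
    return r


def dormant_current_only(t0=datetime(2017, 7, 1)):
    """A resolver that slept through the rollover and sees only today's RRset."""
    r = Rfc5011Resolver({KSK_2010})
    rrset, when = constructed_archive(t0)[-1]
    return r, r.observe(rrset, when)


def skip_hold_down(t0=datetime(2017, 7, 1)):
    """Replay the first archived RRset, then jump straight to the current one."""
    archive = constructed_archive(t0)
    r = Rfc5011Resolver({KSK_2010})
    r.observe(*archive[0])
    return r, r.observe(*archive[-1])


def stale_clock_replay(t0=datetime(2017, 7, 1)):
    """Replay the first archived RRset with a clock already at day 70."""
    archive = constructed_archive(t0)
    r = Rfc5011Resolver({KSK_2010})
    return r.observe(archive[0][0], archive[-1][1])
```

Each archived entry is one observation; a real validator queries at its active-refresh interval instead, but the shape is the same: the new key becomes a trust anchor only after it has been seen, continuously, in RRsets that validate under the old anchor for the whole hold-down, and the old key's revocation is accepted only from an RRset it signed itself. Nothing in the replay ever reads the old private key; deleting it changes none of the outcomes.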

