[ksk-rollover] Why keep old private keys?
msj at nthpermutation.com
Thu Apr 4 19:58:21 UTC 2019
On 4/3/2019 4:24 PM, Geoff Huston wrote:
> I’m not in favour of retaining KSK-2010 forever - but I think destroying it in the next regularly scheduled key ceremony abruptly curtails the deployment of any possible tools that may allow reactivation of a dormant resolver to boot itself into a trust relationship with the current key based on its obe trust in a prior key
I have yet to hear any credible approach that would allow a dormant
resolver - WITHOUT SOFTWARE UPDATES - to boot itself into a trust
relationship based on the prior key. Seriously - if you're updating the
software.... update the keys.
No dormant resolver knows how to get from the 2010 key to the 2017 key
without replaying already signed RRSets over a period of 60 some odd
days. The software does not support it. And even then, you don't need
the 2010 key - you just need the signatures it's already produced.
Seriously, delete the damn key already. Or come up with a credible
approach that doesn't begin with "maybe" or "I think" or "may allow" and
that holds together through at least 4 email exchanges.
Hoarding is a sickness that we need not inflict on the DNS root of trust.
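The mechanism the post argues about is the resolver-side automated trust anchor update: a resolver that trusts the old KSK accepts a DNSKEY RRset only if it is signed by a key it already trusts, starts a hold-down timer when a new key appears, and promotes the new key only after seeing it continuously for the hold-down period. Everything the resolver checks is a signature that was produced in the past, so a replay of archived signed RRsets needs the old key's public half, never its private half. The following toy simulation is an added example for this thread, not code from the poster or from any DNS software. Key tags 2010 and 2017, the 30-day hold-down, the day-by-day archive and the tiny textbook-RSA signature scheme are all constructed for illustration; the RRsets are plain Python objects, not DNSSEC wire format, and real DNSKEY key tags change when the REVOKE bit is set, which this model ignores.

```python
"""Toy model of a validating resolver following a KSK rollover by replaying
archived, already-signed DNSKEY RRsets. Constructed example: keys, dates and
the tiny-RSA signature scheme are made up; nothing here is DNSSEC wire format."""
from dataclasses import dataclass
from typing import Optional
import hashlib

DAY = 86400


@dataclass(frozen=True)
class ToyKey:
    """Textbook RSA on tiny numbers: (n, e) is public, d is private (None on the resolver side)."""
    tag: int
    n: int
    e: int
    d: Optional[int] = None

    def public(self) -> "ToyKey":
        return ToyKey(self.tag, self.n, self.e)

    def _digest(self, data: bytes) -> int:
        return int.from_bytes(hashlib.sha256(data).digest(), "big") % self.n

    def sign(self, data: bytes) -> int:
        assert self.d is not None, "signing needs the private half"
        return pow(self._digest(data), self.d, self.n)

    def verify(self, data: bytes, sig: int) -> bool:
        return pow(sig, self.e, self.n) == self._digest(data)


def make_key(tag: int, p: int, q: int, e: int) -> ToyKey:
    """Build a toy key pair from two small primes (constructed values, not secure)."""
    return ToyKey(tag, p * q, e, pow(e, -1, (p - 1) * (q - 1)))


@dataclass(frozen=True)
class DnsKeyRR:
    key: ToyKey          # public half only
    revoked: bool = False


@dataclass(frozen=True)
class SignedDnsKeySet:
    """A DNSKEY RRset plus one signature per signing key, as captured at time `when`."""
    when: int
    rrset: tuple
    sigs: dict           # key tag -> signature


def canonical(rrset) -> bytes:
    """Stable serialisation of the RRset; stands in for the canonical form an RRSIG covers."""
    rows = sorted(rrset, key=lambda r: r.key.tag)
    return b"|".join(f"{r.key.tag}:{r.key.n}:{r.key.e}:{int(r.revoked)}".encode() for r in rows)


def sign_set(when: int, rrset, signers) -> SignedDnsKeySet:
    data = canonical(rrset)
    return SignedDnsKeySet(when, tuple(rrset), {k.tag: k.sign(data) for k in signers})


class Resolver:
    """Holds trusted public keys and applies add hold-down / revocation rules."""

    def __init__(self, anchors, hold_down: int = 30 * DAY):
        self.valid = {k.tag: k for k in anchors}   # trusted public halves
        self.pending = {}                           # tag -> (public key, first seen)
        self.hold_down = hold_down

    def trusted_tags(self):
        return sorted(self.valid)

    def observe(self, s: SignedDnsKeySet) -> bool:
        data = canonical(s.rrset)
        # Accept the RRset only if some already-trusted key signed it.
        if not any(t in s.sigs and k.verify(data, s.sigs[t]) for t, k in self.valid.items()):
            return False
        present = {r.key.tag: r for r in s.rrset}
        # A trusted key carrying the revoke flag must sign the set itself to be dropped.
        for tag in list(self.valid):
            r = present.get(tag)
            if r and r.revoked and tag in s.sigs and self.valid[tag].verify(data, s.sigs[tag]):
                del self.valid[tag]
        # A pending key that vanishes from a validly signed set loses its timer.
        for tag in list(self.pending):
            if tag not in present:
                del self.pending[tag]
        # New keys start the hold-down; keys seen long enough become trusted.
        for tag, r in present.items():
            if tag in self.valid or r.revoked:
                continue
            if tag not in self.pending:
                self.pending[tag] = (r.key, s.when)
            elif s.when - self.pending[tag][1] >= self.hold_down:
                self.valid[tag] = r.key
                del self.pending[tag]
        return True


def rollover_archive():
    """Constructed archive: old key alone, both keys for 60 days, then old key revoked."""
    old = make_key(2010, 61, 53, 17)
    new = make_key(2017, 101, 113, 3)
    snaps = [sign_set(d * DAY, [DnsKeyRR(old.public())], [old]) for d in range(0, 10)]
    snaps += [sign_set(d * DAY, [DnsKeyRR(old.public()), DnsKeyRR(new.public())], [old, new])
              for d in range(10, 71)]
    snaps.append(sign_set(71 * DAY, [DnsKeyRR(old.public(), revoked=True), DnsKeyRR(new.public())],
                          [old, new]))
    return old.public(), snaps


def replay(anchor: ToyKey, snapshots, hold_down: int = 30 * DAY):
    """Feed archived signed sets to a resolver that trusts only `anchor`; return what it ends up trusting."""
    r = Resolver([anchor], hold_down)
    for s in snapshots:
        r.observe(s)
    return r.trusted_tags()


if __name__ == "__main__":
    anchor, snaps = rollover_archive()
    print(replay(anchor, snaps))                      # full archive: resolver trusts 2017
    print(replay(anchor, [snaps[0], snaps[-1]]))      # first and last only: ends with no trust anchor
```

Running the full archive through a resolver that holds only the public half of KSK-2010 leaves it trusting KSK-2017 and nothing else; feeding only the first and last snapshot leaves it with no trust anchor at all, because the new key never completes its hold-down before the old key revokes itself. That is the substance of the post's point: the sequence of signed RRsets is what carries the resolver across the rollover, and the private key that produced them adds nothing to the replay.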