[ksk-rollover] Stand-by KSK for algorithm rollover
Davey Song(宋林健)
ljsong at biigroup.cn
Wed Apr 10 10:31:33 UTC 2019
Hi folks,
I noticed that no stand-by KSK is pre-published in 2017-ksk rollover, right?
I put it due to the limitation of size of DNS response. Any other concerns
on stand-by KSK in real production network?
Now I’m planning to put a stand-by key in algorithm rollover in my lab
test. Because I think ECDSA saves much space than RSA, so maybe it is time
to consider Stand-by key for algorithm rollover. Is there any special
consideration should be taken care for stand-by key in algorithm rollover.
Thanks in advance.
Best regards,
Davey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20190410/8e92877e/attachment.html>
More information about the ksk-rollover
mailing list