[ksk-rollover] Future rollover planning opportunities
Matt Larson
matt.larson at icann.org
Wed Feb 20 19:31:49 UTC 2019
Please note that the text Paul quotes is from Michael Richardson, not Russ Housley.
> On Feb 20, 2019, at 2:09 PM, Paul Wouters <paul at nohats.ca> wrote:
>
> On Wed, 20 Feb 2019, Russ Housley wrote:
>
>> I think that there is very little incremental cost to including a multitude
>> of keys in a software release. i.e. rather than 1 or 3 for the next 3-4
>> years, I'd like to around a dozen. With a variety of algorithms, keysizes,
>> and with the private keys escrowed in a variety of ways.
>
> That makes monitoring and transparency recoding of private key usage
> much harder. It also raises the possibly abuse of any DNSSEC key to the
> weakest key escrow method, and will surely raise lots of red flags with
> people who already don't trust this system.
>
> One of our arguments now is that if Verisign or ICANN abuses its key
> holding power, they will go down (commercially or non-commercially) and
> so they have a strong incentive not to blindly accept NSLs. When we have
> multiple escrow parties, its easy to sacrifice one. So this is
> detrimental to the security of the system as a whole.
>
>> I'd like for this to include a hash-based signature system, but I'm not sure
>> we have the standards specifications for this nailed down sufficiently.
>
> Please experiment locally, not globally. Kthanks :)
>
> Paul
> _______________________________________________
> ksk-rollover mailing list
> ksk-rollover at icann.org
> https://mm.icann.org/mailman/listinfo/ksk-rollover
More information about the ksk-rollover
mailing list