[ksk-rollover] followup of DNSSEC Workshop at ICANN64

[Michael Richardson]

    >>> If keys are generated a few years in advance of going into active
    >>> use, there is plenty of time for them to be disseminated
    >>> beforehand. They do not have to be pre-published in the zone
    >>> (although that is what RFC 5011 was designed for); they can be
    >>> distributed out of band by software updates or other means.  If
    >>> there are annual rollovers with keys generated N years in advance,
    >>> at any time there will be N pre-published keys one of which might
    >>> be pre-published in the zone, one active KSK in production, and
    >>> maybe one in retirement.

On 3/14/19 12:38 PM, Michael Richardson wrote:
    >> Yes, I'd like to do that. I'd like N=10, and the roll-over frequency
    >> to be yearly.

Keith Mitchell <keith at dns-oarc.net> wrote:
    > The problem with generating that many keys out into the future is they
    > then become hostages to fortune should any issues arise during that
    > time-span with the integrity of those keys. e.g. a breach which causes
    > the private keys to be disclosed, flaws being discovered in the
    > algorithm in use, or the processes used to generate the keys, etc.

    > Which would likely mean a complete reset for new keys to be generated,
    > and a very large pile of baked-in pre-disseminated keys needing revoked.

It seems that these issues exist if there are *any* keys generated before
use, independantly of the number of keys.  Based upon my reading of the spec
sheet of the HSM that ICANN uses, it can store ~1K key pairs, so it's not
like we need two devices for 10 vs 5 keys.

--
Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20190315/c4978c14/signature.asc>