[ksk-rollover] followup of DNSSEC Workshop at ICANN64

S Moonesamy sm+icann at elandsys.com
Mon Mar 18 15:59:43 UTC 2019

Hi Michael,
At 07:59 AM 18-03-2019, Michael Richardson wrote:
>I am not addressing the absolute risk of exfiltration attacks,
>but rather asking if having more keys in the HSM causes a relative
>change to the risk of exfiltration attacks.

The simple answer is no.

>More keys generated might mean that the HSM is unlocked more often,
>but I don't think this would be the case.  My understanding is that the HSMs
>need to be acccessed on a regular basis by the Security Officers anyway in
>order to sign new ZSKs.

The HSMs on the West Coast (U.S.) are activated twice a year during 
scheduled KSK Ceremonies by using three out of the seven "OP" 
cards.  Physical access to the HSMs (hardware device) is under the 
control of the Root Zone Manager.

A KSK Ceremony takes more time (not more Ceremonies) if there are 
more "keys" to generate.  The same number of KSK Ceremonies were held 
for the "keys" required for the roll-over process.  I have requested 
authorization to attend events which might entail access to a 
security card and the Root Zone Manager agreed to those 
requests.  Such events are usually scheduled within a day of a KSK Ceremony.

S. Moonesamy

More information about the ksk-rollover mailing list