[ksk-rollover] ceremonies in April, and managing things less critical and the KSK.
Keith Mitchell
keith at dns-oarc.net
Sun Apr 5 16:33:36 UTC 2020
On 4/5/20 12:21 PM, Russ Housley wrote:
>> Michael Richardson <mcr+ietf at sandelman.ca> wrote:
>>>
>>> I am unclear from reading things over again how the ZSK gets to
>>> the>>> ceremony. Is a new ZSK keypair generated during the KSK,
>>> or is it generated>>> elsewhere and only the public part
>>> brought?
>>
>> This is probably the wrong list to ask on.
> IANA has emergency procedures that can be used to obtain the needed
> three shares. It is clear from the text that you quote, that
> emergency planning was considered fro the start. I assume that IANA
> will declare such an emergency in the next few days, and then
> generate the next KSK under those procedures. As I understand it,
> the auditor will be able to tell that the emergency procedure were
> properly followed.
Folks may find the discussion on this thread:
https://lists.dns-oarc.net/pipermail/dns-operations/2020-March/019874.html
also informative on this topic.
Keith
More information about the ksk-rollover
mailing list