[ksk-rollover] ceremonies in April, and managing things less critical and the KSK.

Keith Mitchell keith at dns-oarc.net
Sun Apr 5 16:33:36 UTC 2020

On 4/5/20 12:21 PM, Russ Housley wrote:

>> Michael Richardson <mcr+ietf at sandelman.ca> wrote:
>>> I am unclear from reading things over again how the ZSK gets to 
>>> the>>> ceremony. Is a new ZSK keypair generated during the KSK,
>>> or is it generated>>> elsewhere and only the public part
>>> brought?
>> This is probably the wrong list to ask on.

> IANA has emergency procedures that can be used to obtain the needed 
> three shares.  It is clear from the text that you quote, that 
> emergency planning was considered fro the start.  I assume that IANA 
> will declare such an emergency in the next few days, and then 
> generate the next KSK under those procedures.  As I understand it, 
> the auditor will be able to tell that the emergency procedure were 
> properly followed.

Folks may find the discussion on this thread:


also informative on this topic.


More information about the ksk-rollover mailing list