[ksk-rollover] ceremonies in April, and managing things less critical and the KSK.

Michael Richardson mcr+ietf at sandelman.ca
Sun Apr 5 20:56:19 UTC 2020

S Moonesamy <sm+icann at elandsys.com> wrote:
    >> But, I started re-reading things because I was looking for pointers to
    >> documents *less* secure practices for CA key management.  That's poor
    >> wording.
    >> let me try again: Practices for lower value assets than the KSK.

    > There may be some old documentation (it is around a decade ago) which might
    > be of help to the alternatives which were considered.  The requirements for
    > the Root Zone are unique.  I suggest assessing which of them you works for
    > your case.

My cases are varied and not "mine"; I wish to point my readers towards one or
more survey articles that will point them in the right direction.
At the least, will permit them to form their own order of magnitude cost
estimates for different solutions.

So I would love to have those pointers.
I tried to follow "SAS 70 Root Key Ceremony", but SAS 70 is a different ISO
9000-type process, so it's a meta-process relating to auditing, not relating
to Root Key Ceremony.  But, a useful thing to apply to your Root Key Ceremony.

Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20200405/ae7b0e13/signature.asc>

More information about the ksk-rollover mailing list