[ksk-rollover] some simple/silly questions about root KSK ceremonies
Kim Davies
kim.davies at iana.org
Mon Jul 13 20:38:59 UTC 2020
Hi Michael,
Quoting Michael Richardson on Monday July 13, 2020:
>
> Three questions:
>
> 1) Should I refer to
> https://www.iana.org/dnssec/icann-dps.txt
> or https://www.iana.org/dnssec/dps/zsk-operator/dps-zsk-operator-v2.0.pdf
>
> as the authoritative document?
The former is the KSK Operator DPS, the latter is the ZSK Operator DPS.
They are two distinctly different documents given KSK and ZSK operations
are split in the root zone across two different entities. If you are
referring to KSK management you should cite the former document.
> 2) With the April 23 ceremoney (#41) having been held, would
> there there not have been another in July?
> What will happen?
> It seems that maybe enough things were signed in April to last awhile.
KSK Ceremony 41 generated signatures covering 9 months
of material as a contigency measure due to COVID-19. See
https://www.icann.org/news/blog/conducting-a-key-signing-ceremony-in-the-face-of-covid-19
for an explanation written prior to the last key ceremony, and
https://labs.ripe.net/Members/mirjam/managing-the-trust-anchor-of-the-dns-against-adversity
for something a little more recent.
As a result of this, we don't have an need to hold a ceremony for key
signing purposes until approximately February 2021.
> 3) There was a long debate about how often to roll the root key.
> A link to:
> https://www.icann.org/public-comments/proposal-future-rz-ksk-rollovers-2019-11-01-en
> was posted last fall.
>
> I see that the report is still overdue.
You're right that the staff report is overdue. That is predominantly
due to us suspending work on pushing toward the next rollover to deal
in the short-term with holding the contingency ceremony described
above, and right now continuing to monitor the arc of the pandemic and
getting a better handle on its long-term implicationsbefore we commit to
performing future rollovers on a predictable schedule.
With that said we do still need to bite the bullet and consolidate our
current thinking into a report and get that posted. I'll update this
list once that is done.
Thanks,
kim
More information about the ksk-rollover
mailing list