[ksk-rollover] will there be another keyrollover?

Michael Richardson mcr+ietf at sandelman.ca
Fri Sep 2 03:44:47 UTC 2022

Paul Wouters <paul at nohats.ca> wrote:
    >> I mean, if the signed zone is loaded from disk, and rarely actually
    >> transfered over the network, then maybe having huge-sized signatures
    >> (which some NIST candidates feature) isn't so much a problem.

    > You are talking post quantum algorithms ? The ones that aren’t chosen
    > yet by NIST, aren’t specified in RFCs and aren’t implemented in any
    > software and aren’t deployed anywhere in resolvers ?

Yes... has anyone done an *experiment* here?
I am not suggesting we do it tomorrow, but rather that we know what might be
involved.  As I said: what if the root zone, being signed,  no longer needed
to do queries, because every recursive had a copy.

    > I think maybe the root should first roll to like algo 13 or something
    > similar where there is operational experience.

That's also worth considering, and I said last time that doing it more often
means more operational practice.

Michael Richardson <mcr+IETF at sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 515 bytes
Desc: not available
URL: <https://mm.icann.org/pipermail/ksk-rollover/attachments/20220901/3bb49060/signature.asc>

More information about the ksk-rollover mailing list