<div dir="ltr"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Below is the distillation of my notes regarding the future of KSK rolls. Without a doubt, many of the ideas below have come from conversations with others or statements made on the list or in the meetings, but this is my current view of things.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">--tim</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Rotation Period:</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">The key should be rotated on a regular schedule. What constitutes a "regular schedule" is up for debate, probably with parties from the ICANN Community, ICANN org (likely the Office of the CTO - OCTO) and IETF participants (likely interested parties from dnsop). The starting point for the conversation would be to consider the guidance set out in the [DNSSEC Practice Statement for the Root Zone KSK Operator] document, section 6.5. 
(Sidenote: I believe that section 6.5 should have been worded differently to be more clear on the intentions of the authors, possibly saying "Each RZ KSK will be scheduled to be rolled over through a key ceremony as required, and to happen at least once every five years").</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">The rotation period of five years, in my opinion, is far too long and can result in operators and developers becoming complacent, or being generally unaware, that key rolls happen. My current opinion is that the rotation period should be roughly once a year. The yearly cadence would allow the key to be somewhat stable but also have the key rolls be a regular event that can be predicted while not falling too far out of working memory.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">In thinking about rotations, I started to wonder if the timing for the whole process should be on a predictable, fixed day of week and time of year so as to be predictable, even before formal timelines are published. 
The scheduling of the critical dates (like changes to the root zone file) should probably be scheduled in the same way that the US holidays of Thanksgiving, Memorial Day, Labor Day or Election Day are done; where a specific day of the week and a specific week in the year are specified (e.g. 4th Thursday in November for US Thanksgiving).</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">A proposed schedule for the process could be like the following:</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">     </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">   </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">   </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">--- Process Start ---</span></p><ol style="color:rgb(0,0,0);margin-top:0pt;margin-bottom:0pt"><li dir="ltr" 
style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">Key Generation (Site A): First Tuesday of September</span></p></li><li dir="ltr" style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">Key Replicated to Alternate Site: As able but before the next step</span></p></li><li dir="ltr" style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">Key Published in IANA: First Tuesday in October</span></p></li><li dir="ltr" style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">Key Published in the Root Zone: First 
Tuesday in November</span></p></li><ol style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="margin-left:15px;list-style-type:lower-alpha;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">( allow 2 months for RFC5011 to work )</span></p></li></ol><li dir="ltr" style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">New KSK switch to sign the root zone: Second Tuesday in January </span></p></li><ol style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="margin-left:15px;list-style-type:lower-alpha;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">( pushed out a week to allow for New Year's celebrations )</span></p></li><li dir="ltr" style="margin-left:15px;list-style-type:lower-alpha;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span 
style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">( allow 2 months before revocation )</span></p></li></ol><li dir="ltr" style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">Old Key Revoked Bit Set: Second Tuesday in March </span></p></li><ol style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="margin-left:15px;list-style-type:lower-alpha;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">( allow 2 months before removal )</span></p></li></ol><li dir="ltr" style="margin-left:15px;list-style-type:decimal;font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline">Old Key removed from Root Zone: Second Tuesday in May</span></p></li></ol><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span 
style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">    </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">   </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">   </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">--- Process Complete ---</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">I have not been very rigorous about the dates suggested above, but something similar to the [IETF Clash List] should be considered at least at the start of the roll process to try to limit the collateral damage that might be caused by an accident while the process starts up. It would also be wise to consider major holidays like Passover and Christmas as well. 
When thinking about the schedule above the following considerations were made:</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">* avoid US major / bank holidays on key steps</span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><br></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">* avoid Patch Tuesday during the first half of the process until the new key is published</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">* skip Mondays (holidays tend to fall on Mondays). This also helps avoid people who take long weekends.</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">* skip Fridays / Weekends: many senior engineering / ops staff have weekends off. 
Also, changes made on a Friday tend to fail unnoticed until the following week.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Each of the steps listed above should also have some sort of communication around it, ideally with some pre-notification and then a confirmation message following the completion. When the rolls start to become more commonplace, the number of notifications may start to go away, but I think that would be community driven as we get better at rolling the KSK.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Key Management Methodology</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">The current steady state of the KSK has one valid KSK. To this point, this has not been a problem, but this also means that if an emergency key roll is required, the current tooling / support will not help with a roll. A potential way to support an emergency key roll, should one be needed, would be to have a backup key created and staged in the root zone. To take this approach, I would propose a model where, outside of an emergency condition, there would be at least two KSKs in the root zone at any time which have been published for at least one month (the 5011 hold-down timer length). 
To achieve this, using the schedule proposed above, the steps 1-4 would happen, creating a new key. Step 5 would promote a key that has been in the root zone for 14 months to active and then step 6 would be on a key that has been provisioned for 26 months before it is then removed from the zone two months later. For a six-month window, there would end up being three keys in the root zone, but one would be a hot standby, ready for use in the event of an emergency.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Here is an example of the key rolling broken down</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">        </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">State 1: KSKA (signing), KSKB (next key / emergency key)</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">      </span></span><span 
style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">State 2: KSKA (signing), KSKB (next key / emergency key), KSKC (new)</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">  </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">State 3: KSKA, KSKB (signing), KSKC (next key / emergency key)</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span">        </span></span><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">State 4: KSKA (revoked), KSKB (signing), KSKC (next key / emergency key)</span></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt;text-indent:36pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">State 5: KSKB (signing), KSKC (next key / emergency key)</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span 
style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Having three keys (using the algorithm currently in use by the root zone, RSA/SHA-256) would likely make the DNSKEY query response quite large resulting in increased traffic to the root servers. Before considering this model, I would defer to OCTO and the RSSAC for an assessment of the state of the root servers. To support an expanded number of keys in the root, a key algorithm roll might also be an interesting conversation area.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Having now talked about an algorithm roll, I also want to bring up another possible concern when it comes to cryptographic keys: potential weaknesses in algorithms. It may be worth considering a backup key that is a different algorithm family from the other keys that are provisioned in the event that an algorithm is needed expeditiously.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Considerations of KSK2010</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">I’ve seen the discussion that happened in Prague at IETF104 about the scheduled destruction of KSK2010. 
I’m not convinced it is the best idea to destroy the key yet assuming it is still stored in the same way as it was when it was the active key. To Wes’ point during the KSK BoF, it might be interesting to find some way to chain all KSKs that are in use back to a KSK, such as KSK2010, but then there is the issue that code that still relies on KSK2010 will not have any new method to bootstrap up from KSK2010, so the point might be moot. I think it would be wise to consider other options of things we might want to do with that key before it goes away, but to also keep in mind that we might want to just treat KSK2010 as dead and pick up on KSK2017 (or some successor) as the initial trust anchor.</span></p><br style="color:rgb(0,0,0)"><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">IETF Clash List: </span><a href="http://www6.ietf.org/meeting/clash-list.html" target="_blank" style="text-decoration-line:none"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;text-decoration-line:underline;vertical-align:baseline;white-space:pre-wrap">http://www6.ietf.org/meeting/clash-list.html</span><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-m_-6103598077316347842gmail-Apple-tab-span"> </span></span></a></p><p dir="ltr" style="color:rgb(0,0,0);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">DNSSEC Practice Statement for the Root Zone KSK 
Operator: <a href="https://www.iana.org/dnssec/icann-dps.txt" target="_blank">https://www.iana.org/dnssec/icann-dps.txt</a></span></p></div>
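Added example (my own code, not from the post and not ICANN/IANA tooling): a Python checker that dates the proposed yearly schedule for a given start year and tests it against the considerations listed above (Tuesdays only, no Patch Tuesday before the key is published, two months between the later steps, and the rule-based US dates the post names), then derives the 14-month wait before signing and the six-month three-key window of the standby model. The 30-day add hold-down is RFC 5011's default rather than something the post states, and only the four rule-based US dates mentioned in the post are encoded, not a full holiday table.

```python
# Added example (not from the post): date the proposed yearly KSK roll and
# check it against the scheduling considerations the post lists.
from datetime import date, timedelta

MON, TUE, THU, FRI, SAT, SUN = 0, 1, 3, 4, 5, 6
RFC5011_ADD_HOLD_DOWN = timedelta(days=30)  # RFC 5011 default add hold-down

# (step, label, month, n-th Tuesday).  Step 2 (replication) has no fixed date.
# Months of September or later fall in the start year, the rest in the next.
PROPOSED_STEPS = [
    ("1", "Key generation (Site A)",          9, 1),
    ("3", "Key published in IANA",           10, 1),
    ("4", "Key published in root zone",      11, 1),
    ("5", "New KSK starts signing",           1, 2),
    ("6", "Old key revoked bit set",          3, 2),
    ("7", "Old key removed from root zone",   5, 2),
]

def nth_weekday(year, month, n, weekday=TUE):
    """n-th given weekday of a month (n=1 is the first); n=-1 means the last."""
    if n == -1:
        last = date(year + (month == 12), month % 12 + 1, 1) - timedelta(days=1)
        return last - timedelta(days=(last.weekday() - weekday) % 7)
    first = date(year, month, 1)
    return first + timedelta(days=(weekday - first.weekday()) % 7 + 7 * (n - 1))

def us_rule_based_dates(year):
    """Only the rule-based US dates the post names, not a full holiday table."""
    return {
        nth_weekday(year, 11, 4, THU): "Thanksgiving",
        nth_weekday(year, 5, -1, MON): "Memorial Day",
        nth_weekday(year, 9, 1, MON): "Labor Day",
        nth_weekday(year, 11, 1, MON) + timedelta(days=1): "Election Day",
    }

def roll_calendar(start_year):
    """Dated steps of the roll cycle that starts in September of start_year."""
    cal = []
    for step, label, month, n in PROPOSED_STEPS:
        year = start_year if month >= 9 else start_year + 1
        cal.append((step, label, nth_weekday(year, month, n)))
    return cal

def months_between(a, b):
    return (b.year - a.year) * 12 + b.month - a.month

def check_calendar(cal):
    """Return the list of constraint violations; empty means the cycle is clean."""
    problems = []
    by_step = {step: d for step, _, d in cal}
    for step, _, d in cal:
        if d.weekday() in (MON, FRI, SAT, SUN):
            problems.append(f"step {step} falls on a {d:%A}")
        # Patch Tuesday (second Tuesday) is to be avoided until the key is published
        if step in ("1", "3", "4") and d == nth_weekday(d.year, d.month, 2):
            problems.append(f"step {step} is Patch Tuesday {d}")
        holiday = us_rule_based_dates(d.year).get(d)
        if holiday:
            problems.append(f"step {step} on {d} is {holiday}")
    if by_step["5"] - by_step["4"] < RFC5011_ADD_HOLD_DOWN:
        problems.append("new key activated inside the RFC 5011 add hold-down")
    for a, b in (("4", "5"), ("5", "6"), ("6", "7")):  # the "allow 2 months" gaps
        if months_between(by_step[a], by_step[b]) < 2:
            problems.append(f"less than two months between steps {a} and {b}")
    return problems

def key_lifecycle(start_year):
    """Standby model: months in the zone before signing, and months with three keys."""
    this_cycle = {s: d for s, _, d in roll_calendar(start_year)}
    next_cycle = {s: d for s, _, d in roll_calendar(start_year + 1)}
    return {
        "months_in_zone_before_signing": months_between(this_cycle["4"], next_cycle["5"]),
        "months_with_three_keys": months_between(this_cycle["4"], this_cycle["7"]),
    }
```

Run for the 2019 cycle, the only finding is that "first Tuesday in November" coincides with US Election Day (the Tuesday after the first Monday), which happens in every year in which 1 November is not itself a Tuesday.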