[RSSAC Caucus] Fwd: INPUT REQUESTED: Proposal for Future Root Zone KSK Rollovers

Dessalegn Yehuala mequanint.yehuala at gmail.com
Sun Dec 15 09:36:34 UTC 2019 

I agree  with Paul's comment. I forgot to share my comments on this to the
RSSAC mailing list. It was sent a couple of days back. My comments are
described below.

---------- Forwarded message ---------
From: Dessalegn Yehuala <mequanint.yehuala at gmail.com>
Date: Thu, 12 Dec 2019, 16:54
Subject: Re: [RSSAC Caucus] INPUT REQUESTED: Proposal for Future Root Zone
KSK Rollovers
To: Andrew McConachie <andrew.mcconachie at icann.org>


Hi Andrew,

I have two comments to forward on the proposed future root zone KSK
rollovers:

1.       Section 2.4 (Rationale for rollover frequency)- the rationale
given is vague or at best subjective, no cost model or any other parameters
(based on challenges faced in previous KSK rollovers) have been used to
justify the tradeoffs that come along with making the rollover frequency to
3 years. Why not for a longer rollover frequency like 4 years or 5 years?

2.       Section 2.6 (Changes to key algorithm and strength)- it only
assumes on the current state of the strength of the current cryptographic
algorithm employed for the KSK (2048-bit RSA), there is no risk mitigation
identified in the event the current cryptographic algorithm discovered to
have some exploitable vulnerabilities.

Kind regards,
Dessalegn


On Wed, Dec 11, 2019 at 7:06 PM Andrew McConachie <
andrew.mcconachie at icann.org> wrote:

> Dear RSSAC Caucus,
>
> A friendly reminder to send in any feedback by *December 15th*.
>
> Thanks,
> Andrew
>
> On Dec 3, 2019, at 22:49, Andrew McConachie <andrew.mcconachie at icann.org>
> wrote:
>
> Dear RSSAC Caucus,
>
> The IANA has published a Proposal for Future Root Zone KSK Rollovers and
> is soliciting public comments on it.
> <https://www.icann.org/public-comments/proposal-future-rz-ksk-rollovers-2019-11-01-en
> [icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_public-2Dcomments_proposal-2Dfuture-2Drz-2Dksk-2Drollovers-2D2019-2D11-2D01-2Den&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=KNEpS67O2txk54bIz-1lXP0tI5Rmtg88Ogwh6PVSGXJyTMuY0E2SHr70jrG3fGLJ&m=YoEr8VEKz6dca-SGMKWvE03nw_u3sPlsVD0NNpEPcHM&s=iSIeBJOqhJGp75k8Ljg2x9X2ytOJJS9p0ftdFWwR7q0&e=>
> >
>
> The RSSAC wishes to solicit feedback from the Caucus to determine its
> response. Please review the proposal and if you have comments please send
> them to this list by *December 15th*. Depending on the comments and
> discussion generated on this list the RSSAC may kick off a quick work party
> to draft input, or we may just continue using this list for development of
> the document.
>
> The final deadline for input is January 31, 2020. So we don’t have too
> much time to get something ready.
>
> Thanks,
> Andrew
> _______________________________________________
> rssac-caucus mailing list
> rssac-caucus at icann.org
> https://mm.icann.org/mailman/listinfo/rssac-caucus
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=KNEpS67O2txk54bIz-1lXP0tI5Rmtg88Ogwh6PVSGXJyTMuY0E2SHr70jrG3fGLJ&m=YoEr8VEKz6dca-SGMKWvE03nw_u3sPlsVD0NNpEPcHM&s=JiOXKxz9uWMyFvh-7EqqQeW9rC17QLtbvoxswWzxji8&e=
> ) and the website Terms of Service (
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=KNEpS67O2txk54bIz-1lXP0tI5Rmtg88Ogwh6PVSGXJyTMuY0E2SHr70jrG3fGLJ&m=YoEr8VEKz6dca-SGMKWvE03nw_u3sPlsVD0NNpEPcHM&s=DpILgk5e8_fzesfeVQHSo_hM4PrDwfeOV2xBsPzvacs&e=
> ). You can visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
>
>
> _______________________________________________
> rssac-caucus mailing list
> rssac-caucus at icann.org
> https://mm.icann.org/mailman/listinfo/rssac-caucus
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/rssac-caucus/attachments/20191215/91c33018/attachment.html>

More information about the rssac-caucus mailing list