[dns-operations] Root KSK rollover and trust anchors (was Re: .Org DNSSEC key management policy feedback)
jabley at hopcount.ca
Thu Jun 25 23:52:17 UTC 2009
On 26-Jun-2009, at 03:37, Andrew Sullivan wrote:
> On Thu, Jun 25, 2009 at 11:33:50AM +1200, Joe Abley wrote:
>> vendor-specific update channels ("Windows Update" and friends). There
>> has been talk of 5011, but concern over how a device which
>> over the rollover window might recover when it wakes up.
> What about
> http://tools.ietf.org/html/draft-wijngaards-dnsext-trust-history-02 to
> deal with that?
I have not yet found the time to ponder on that in any detail, but it
looks like a good thing.
In general, though, my assumption is that there will be multiple
overlapping solutions to the general problem space. I don't think we
need to worry about choosing just one, in either the short or long term.
In particular, using multiple mechanisms to gain trust in a trust
anchor helps defend against the possibility that a key compromise led
to any single publication mechanism distributing harmful data, masking
the intent of the real key holder to effect an emergency roll.
More information about the dns-operations