[dns-operations] Why roll the KSK? (was Sad news today: systemd-resolved to be deployed in Ubuntu 16.10)
paul at redbarn.org
Tue Jun 7 07:43:05 UTC 2016
Shane Kerr wrote:
> The risk analysis is a very reasonable and very tricky undertaking.
> Obviously the risk is lowest if you NEVER, EVER roll the KSK. But as
> soon as you do roll then you have to look at the amortized costs - like,
> is 0.1% breakage every year for 10 years worse or better than 1%
> breakage once? (Math says it is very slightly better... but the
> subjective feeling of things always breaking may be worse, or the
> subjective feeling of having "everything" fall apart on some flag day
> may be worse... ug. This stuff is hard.)
it's not hard. it's just unpublished.
icann ssac determined some years years ago that the ksk should roll
often enough to ensure that the risks and methods of ksk roll were
incorporated into normal operations of the global dns. we didn't have
metrics, we just noted that the cost of rolling a ksk on compromise (of
the key or the alg) would be near-infinite if it was other than routine.
let us please not re-litigate.
More information about the dns-operations