On Tue, 21 Apr 2009, Edward Lewis wrote:
Rolling a key is much less problematic (especially ZSKs) than having to clean up a "hijacked" delegation. Even a KSK isn't that bad - if the parent is signed and I never promise my KSK as an SEP.
Then you put your vulnerability period during emergency key rollover in the hands of the RRSIG lifetime of the parent. That lifetime is probably even longer then the time for the attack(er) to make it to CNN's broadcast that hopefully warns your custmers.
This isn't a "death-knell" for HSMs in my mind. There are environments where they are useful. It's just in an environment which already has a lot of "fortification" an HSM may not be an improvement, other than to claim "we do it."
I do agree mostly with this statement. See previous email. Paul _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
