At 12:54 -0800 1/21/10, Paul Hoffman wrote:
> ...as long as there is no cost to rolling regularly. But there are many:
I'm finding this discussion enlightening and interesting.
If the logic is that the only need to roll is event-based (detecting
a violation) because there is risk of a roll going badly - then
there's a reason to regularly "drill" when there's no threat to make
sure you minimize the chance of a screw-up during a real emergency.
How ironic. ;)
What scares me (too) is Andrew's observation that you might fail to
detect a bad key because of the size of a zone and potentially a
targeted attack on just one or two domains.
Perhaps monthly rolls aren't needed for crypto's sake, but the more
apparent this is, the more apparent we need regular rolls for
operations' sake.
A bad roll will be detected and fixed faster than a secretly broken
key and an isolated target.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar You can leave a voice message at +1-571-434-5468
As with IPv6, the problem with the deployment of frictionless surfaces is
that they're not getting traction.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop