On May 13, 2010, at 9:56 AM, George Barwood wrote: > I have been thinking about KSK rollover in my DNSSEC implementation, and it > seems > that there is currently no specification for KSK rollover within the DNSSEC > protocol. > > There is this expired requirements draft > > http://tools.ietf.org/wg/dnsop/draft-ietf-dnsop-key-rollover-requirements/ > > but that's all I found. > > Have I missed something? It seems to me that this is a rather vital component > if > DNSSEC is to be widely deployed. > > Are there any plans to revive and/or implement these requirements?
You probably want to read the Key Timing Considerations draft: http://tools.ietf.org/html/draft-morris-dnsop-dnssec-key-timing-02 _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
