Hi, On 2010-10-04, at 10:31, Eric Rescorla wrote:
> On Sun, Oct 3, 2010 at 10:54 AM, Joe Abley <jab...@hopcount.ca> wrote: > >> On 2010-10-03, at 13:31, Eric Rescorla wrote: >> >> > I'm asking because I'm pretty familiar with cryptography and I know that >> > keys don't suddenly become >> > worthless just because they get past their intended use lifetime. The >> > semantics of signature >> > security of old keys is a lot more complicated than that. >> >> The context here is the publication of DNSSEC trust anchors for the root >> zone. >> >> At least some of the cases we're talking about involve signatures >> necessarily made by keys after an emergency key roll which has taken place >> because the old key has been compromised. Such signatures are worthless. >> > > I don't think this follows. In the context of our discussion, it does. We are discussing arrangements for publishing a trust anchor for a key whose management has already been carefully specified, and does not include (for example) pre-generation of the next key in the way you suggest. I think it's perfectly valid to discuss the management of the root zone KSK, ideally with careful reference to the DPS that ICANN published. However, that's not what we're talking about here. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
