Joe Abley wrote:
> On 25-Aug-2009, at 10:53, Todd Glassey wrote:
>> Joe - the question becomes one of the integrity of the records process
> Yes, that's my point.

But your point is as a Systems Administrator rather than a Systems
Auditor - the reasons for rolling the keys periodically pertain to
Security Policy and the Practice which implements it.

>> That said there are all kinds of PKI Operations Practice reasons
>> including "it's part of our policy to roll keys periodically"
> If there's no practical motivation to roll keys, then let's not do it.
> Rolling keys is a pain.

That's because of the design of the technical system - and if the policy
controls specific to the use model had been designed before the protocol
was implemented, this wouldn't be so hard.

> If there *is* a practical motivation to roll keys, then let's not
> infer any trust at all from old keys.

I agree that if a KEY is rolled it needs to have its application as a
reliable TRUST ANCHOR revoked or terminated for events moving forward -
but it still needs to be available for reviewing and re-certifying
events from a forensic viewpoint. It (the rolled key) still needs to be
rolled, so that requirement is still real.

Todd

> Joe
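One way to implement the split described in the last paragraph above (a rolled key is revoked as a trust anchor for events going forward, but retained so that records it signed can still be re-verified), as an added example that is not part of the thread or of any DNSSEC implementation. It uses HMAC-SHA256 from the Python standard library as a stand-in for a real signature scheme, because the point is the key-lifecycle logic rather than the primitive; the key ids, secrets, events and timestamps are constructed for the demonstration.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class Key:
    key_id: str
    secret: bytes                      # stand-in for a real signing key (assumption)
    valid_from: int                    # epoch seconds at which it became a trust anchor
    retired_at: Optional[int] = None   # None while the key is still active


def _sign_with(key: Key, payload: dict, ts: int) -> dict:
    # Bind the key id and timestamp into the signed body so neither can be swapped.
    body = json.dumps({"payload": payload, "ts": ts, "kid": key.key_id}, sort_keys=True)
    sig = hmac.new(key.secret, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


class KeyRegistry:
    def __init__(self) -> None:
        self.keys: Dict[str, Key] = {}

    def add(self, key_id: str, secret: bytes, now: int) -> None:
        self.keys[key_id] = Key(key_id, secret, now)

    def roll(self, old_id: str, new_id: str, new_secret: bytes, now: int) -> None:
        """Retire old_id from now on and introduce new_id. The old key is
        kept, not deleted, so records it signed remain verifiable."""
        self.keys[old_id].retired_at = now
        self.add(new_id, new_secret, now)

    def active_key(self, now: int) -> Key:
        for k in self.keys.values():
            if k.retired_at is None and k.valid_from <= now:
                return k
        raise RuntimeError("no active key")

    def sign(self, payload: dict, now: int) -> dict:
        # New events are only ever signed with a currently active key.
        return _sign_with(self.active_key(now), payload, now)

    def verify(self, record: dict, purpose: str) -> Tuple[bool, str]:
        """purpose='current': only an active key may vouch for the record.
        purpose='forensic': a retired key may, but only for a record whose
        timestamp lies inside that key's validity window."""
        meta = json.loads(record["body"])
        key = self.keys.get(meta["kid"])
        if key is None:
            return False, "unknown key"
        expected = hmac.new(key.secret, record["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, record["sig"]):
            return False, "bad signature"
        ts = meta["ts"]
        if ts < key.valid_from:
            return False, "signed before key was introduced"
        if key.retired_at is None:
            return True, "valid: active key"
        if purpose != "forensic":
            return False, "key retired: no longer a trust anchor"
        if ts >= key.retired_at:
            return False, "signed after key retirement"
        return True, "valid: retired key, record inside its validity window"


def demo() -> Dict[str, bool]:
    # Constructed scenario with fixed timestamps; secrets are placeholders.
    reg = KeyRegistry()
    reg.add("K1", b"k1-secret", now=1000)
    r1 = reg.sign({"event": "zone-change-17"}, now=2000)
    reg.roll("K1", "K2", b"k2-secret", now=3000)
    r2 = reg.sign({"event": "zone-change-18"}, now=4000)
    # Someone still holding the retired K1 tries to sign a post-rollover event.
    late = _sign_with(reg.keys["K1"], {"event": "forged"}, ts=3500)
    tampered = dict(r1, body=r1["body"].replace("17", "99"))
    return {
        "old_record_current": reg.verify(r1, "current")[0],          # False
        "old_record_forensic": reg.verify(r1, "forensic")[0],        # True
        "new_record_current": reg.verify(r2, "current")[0],          # True
        "late_use_of_retired_key": reg.verify(late, "forensic")[0],  # False
        "tampered_old_record": reg.verify(tampered, "forensic")[0],  # False
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The forensic check only holds if the timestamp inside the record is anchored by something the retired key does not control (an append-only log, a timestamping service, or a countersignature by the still-active key); otherwise anyone who later obtains the retired key can backdate a forgery into its validity window, which is the "integrity of the records process" question raised at the top of the thread.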
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop