On Jan 21, 2010, at 4:47 PM, David Conrad wrote:

> On Jan 21, 2010, at 1:42 PM, Edward Lewis wrote:
>>> Presumably there are all sorts of other credentials that control access to the
>>> ZSK (e.g., administrator SSH private keys, root passwords, etc.) Do you also
>>> propose to roll all of these every month? If not, why not?
> ...
>> But I think a point has been missed - the roll of keys on a periodic basis
>> is needed to *exercise the activity* if not achieve a higher level of
>> security.
>
> +1
>
> Fixing secretly compromised ZSKs is a side benefit.
Rolling to mitigate secretly compromised keys suggests that compromising a key is a one-off event. If it's compromised once, you have to assume it's compromised often. It will probably be compromised after each roll. Compromising a key likely stems from bad operational hygiene, not from advances in cryptography. Rolling keys won't help here.

I agree with EKR. I don't appreciate the frequent rollover syndrome.

Roy

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop