Sept. 18, 2014
4:08 p.m.
Michael StJohns (msj) writes:
d) What is the expected impact on security if the KSK is compromised, and we have no way of rolling the KSK? (e.g. single KSK in root zone). Is there an additional real-world cost to end users in this event?
e) Can any of the above be mitigated through a single KSK rollover? Through regularly scheduled KSK rollovers?
The operational experience of doing a single e) will surely help determine d). Currently, there's an emergency plan (rolling the KSK), and it has never been tested. That's proof enough we need to do it.
Phil