April 3, 2019
9:17 p.m.
Tim April <timapril@gmail.com> writes:
To take this approach, I would propose a model where, outside of an emergency condition, there would be at least two KSKs in the root zone at any time which have been published for at least one month (the 5011 hold down timer length).
FYI, in a hotly contested draft that never made it to an RFC (which I hate to bring up again and am not trying to start that discussion again now), I showed that to securely add a key to the root zone, given its parameters, you need to publish new keys for 53 days, not 30 (the hold-down timer). So please pick a longer period than one month should your proposed plan get adopted.

--
Wes Hardaker
USC/ISI