On Sep 21, 2014, at 10:49 AM, Michael StJohns <msj@nthpermutation.com> wrote:
Worst case is compromise of all trust anchor keys. 5011 allows you to recover from an N-1 compromise (where you have at least one private key associated with the root trust anchor set that hasn't been compromised).
This has always been my problem with 5011-based rollovers. Given the protections specified in the DPS, all the scenarios in which we have to do an emergency key roll seem ridiculously unlikely. However, I assume we have to be prepared for the worst case scenario. Since 5011 can’t help us with that scenario and emergency key rollovers are a superset of planned rollovers, I’ve been unclear as to the advantage 5011 provides. And then there is the issue of (likely permanent) lack of universal implementation of 5011... Am I missing something?

Regards,
-drc
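The two cases the thread contrasts (an N-1 compromise that 5011 can recover from, versus a compromise of every trust anchor key that it cannot) can be made concrete with a small model of the RFC 5011 validator state machine. This is an added example, not code from the thread or from any DNS implementation: signatures are modelled abstractly as the set of key ids that signed a DNSKEY RRset, there is no real DNSSEC cryptography, and the key names KA, KB, KC, the 30-day add hold-down and the 0x80 REVOKE flag value are used as constructed inputs.

```python
"""Toy RFC 5011 trust-anchor state machine (added illustration, not real DNSSEC code).

Modelled rules from RFC 5011:
  * a trusted key published with the REVOKE bit and a self-signature is removed;
  * a new key is only considered if a still-trusted key signed the RRset, and it
    becomes trusted after it has been continuously published for the hold-down.
Signatures are abstract: an RRset simply records which key ids signed it.
"""
from dataclasses import dataclass, field

ADD_HOLD_DOWN_DAYS = 30   # RFC 5011 default add hold-down time
REVOKE_FLAG = 0x80        # REVOKE bit in the DNSKEY flags field


@dataclass(frozen=True)
class Key:
    kid: str
    flags: int = 0

    @property
    def revoked(self) -> bool:
        return bool(self.flags & REVOKE_FLAG)


@dataclass
class DnskeyRRset:
    keys: tuple            # keys published in the apex DNSKEY RRset
    signed_by: frozenset   # ids of keys whose private halves produced RRSIGs


@dataclass
class Validator:
    valid: set = field(default_factory=set)        # current trust anchors
    add_pend: dict = field(default_factory=dict)   # kid -> day first seen

    def observe(self, rrset: DnskeyRRset, day: int) -> set:
        """Process one observation of the DNSKEY RRset; return the anchor set."""
        present = {k.kid: k for k in rrset.keys}

        # 1. Revocation: a trusted key carrying REVOKE and a self-signature is dropped.
        #    The revoked key's signature is honoured only for its own revocation.
        for kid in list(self.valid):
            k = present.get(kid)
            if k is not None and k.revoked and kid in rrset.signed_by:
                self.valid.discard(kid)

        # 2. Anything else in the RRset is honoured only if a still-trusted key signed it.
        trusted_sig = bool(rrset.signed_by & self.valid)
        if trusted_sig:
            for kid, k in present.items():
                if kid not in self.valid and not k.revoked:
                    self.add_pend.setdefault(kid, day)

        # 3. Pending keys must stay published through the hold-down; ones that
        #    vanish (or get revoked while pending) are forgotten.
        for kid, first_seen in list(self.add_pend.items()):
            if kid not in present or present[kid].revoked:
                del self.add_pend[kid]
            elif trusted_sig and day - first_seen >= ADD_HOLD_DOWN_DAYS:
                self.valid.add(kid)
                del self.add_pend[kid]
        return set(self.valid)


def scenario_n_minus_1() -> set:
    """KA is compromised, KB is not: revoke KA and roll to KC under KB's signature."""
    v = Validator(valid={"KA", "KB"})
    roll = DnskeyRRset((Key("KA", REVOKE_FLAG), Key("KB"), Key("KC")),
                       frozenset({"KA", "KB"}))
    v.observe(roll, day=0)           # KA dropped, KC enters add-pending
    v.observe(roll, day=15)          # still inside the hold-down
    return v.observe(roll, day=30)   # KC promoted: {"KB", "KC"}


def scenario_all_compromised() -> set:
    """Every anchor key is compromised: revoking them all empties the anchor set,
    after which no RRset can be trusted, so the replacement KC is never accepted."""
    v = Validator(valid={"KA", "KB"})
    revoke_all = DnskeyRRset((Key("KA", REVOKE_FLAG), Key("KB", REVOKE_FLAG), Key("KC")),
                             frozenset({"KA", "KB"}))
    v.observe(revoke_all, day=0)
    fresh = DnskeyRRset((Key("KC"),), frozenset({"KC"}))
    return v.observe(fresh, day=30)  # set(): only an out-of-band anchor can recover


if __name__ == "__main__":
    print("N-1 compromise, anchors after roll:", scenario_n_minus_1())
    print("all keys compromised, anchors after roll:", scenario_all_compromised())
```

The model reproduces the point made above: as long as one anchor key's private half is intact, its signature carries the revocation of the compromised keys and the introduction of the replacement, and validators end up with a usable anchor set. Once every anchor key has to be revoked, the validator is left with nothing it can use to accept a new key, which is exactly the case where 5011 offers no recovery path and a fresh anchor has to be distributed out of band.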