Hi Tomofumi,
At 11:40 22-09-2014, Tomofumi Okubo wrote:
I like the idea of assessing the risks of doing the KSK rollover.
Do you think it will help to facilitate this discussion if we perform a high-level risk assessment for the KSK rollover in this group so we can form a rough consensus around what exactly the risks are and how they should be treated?
I suggest getting rough consensus on the interpretation of the following sentence: "Each RZ KSK will be scheduled to be rolled over through a key ceremony as required, or after 5 years of operation." The reason I chose that sentence is because a discussion of a high-level risk assessment (ICANN document) for the KSK roll-over might not be that productive as a first step.
Risks could actually be dealt with in four ways: mitigate, accept, transfer or avoid. Avoiding (not doing it) is one way but not the only way.
Agreed.
Also, I'd like to stress that we are not just talking about the present but the future. The day the algorithm (or key length) is going to be obsolete is coming no matter what. Sometimes, not taking precautions could be seen as a lack of due diligence. I believe if we don't take action now, the issue is going to get bigger in the future.
Agreed.
Regards,
S. Moonesamy