Hi Michael, Quoting Michael Richardson on Monday July 13, 2020:
Three questions:
1) Should I refer to https://www.iana.org/dnssec/icann-dps.txt or https://www.iana.org/dnssec/dps/zsk-operator/dps-zsk-operator-v2.0.pdf
as the authoritative document?
The former is the KSK Operator DPS, the latter is the ZSK Operator DPS. They are two distinctly different documents given KSK and ZSK operations are split in the root zone across two different entities. If you are referring to KSK management you should cite the former document.
2) With the April 23 ceremoney (#41) having been held, would there there not have been another in July? What will happen? It seems that maybe enough things were signed in April to last awhile.
KSK Ceremony 41 generated signatures covering 9 months of material as a contigency measure due to COVID-19. See https://www.icann.org/news/blog/conducting-a-key-signing-ceremony-in-the-fac... for an explanation written prior to the last key ceremony, and https://labs.ripe.net/Members/mirjam/managing-the-trust-anchor-of-the-dns-ag... for something a little more recent. As a result of this, we don't have an need to hold a ceremony for key signing purposes until approximately February 2021.
3) There was a long debate about how often to roll the root key. A link to: https://www.icann.org/public-comments/proposal-future-rz-ksk-rollovers-2019-... was posted last fall.
I see that the report is still overdue.
You're right that the staff report is overdue. That is predominantly due to us suspending work on pushing toward the next rollover to deal in the short-term with holding the contingency ceremony described above, and right now continuing to monitor the arc of the pandemic and getting a better handle on its long-term implicationsbefore we commit to performing future rollovers on a predictable schedule. With that said we do still need to bite the bullet and consolidate our current thinking into a report and get that posted. I'll update this list once that is done. Thanks, kim