On Sep 19, 2014, at 9:44 AM, David Conrad <david.conrad@icann.org> wrote:
- Changing the signing algorithm (which I strongly support) is not a KSK rollover and thus out of scope for this discussion except insofar as if there is a planned algorithm change, that could affect the perceived need for the KSK rollover. If changing the signing algorithm *is* in scope for this discussion, the title of the discussion should change.
I’m not sure arguing the semantics of the terminology used in the name of this mailing list is a good use of time.
I am. If as you say below, "everything that could impact changing the key and/or the implications of changing the key should be in scope", then simply calling the workshop as being about "KSK change" that would be a lot clearer.

And, given that, I propose that there be a major topic on changing the signing algorithm to elliptic curve with 256-bit keys. The CFRG will likely settle on recommendations for fast, constant-time curves for signing; these would be excellent targets for a new signing algorithm. The oft-stated benefits would be:
- much smaller DNS response messages for signatures
- much greater predictability for the cryptographic lifetimes for the keys

--Paul Hoffman