>>> If keys are generated a few years in advance of going into active
>>> use, there is plenty of time for them to be disseminated
>>> beforehand. They do not have to be pre-published in the zone
>>> (although that is what RFC 5011 was designed for); they can be
>>> distributed out of band by software updates or other means. If
>>> there are annual rollovers with keys generated N years in advance,
>>> at any time there will be N pre-published keys one of which might
>>> be pre-published in the zone, one active KSK in production, and
>>> maybe one in retirement.

On 3/14/19 12:38 PM, Michael Richardson wrote:
>> Yes, I'd like to do that. I'd like N=10, and the roll-over frequency
>> to be yearly.

Keith Mitchell <keith@dns-oarc.net> wrote:
> The problem with generating that many keys out into the future is they
> then become hostages to fortune should any issues arise during that
> time-span with the integrity of those keys. e.g. a breach which causes
> the private keys to be disclosed, flaws being discovered in the
> algorithm in use, or the processes used to generate the keys, etc.
> Which would likely mean a complete reset for new keys to be generated,
> and a very large pile of baked-in pre-disseminated keys needing revoked.

It seems that these issues exist if there are *any* keys generated before
use, independently of the number of keys.

Based upon my reading of the spec sheet of the HSM that ICANN uses, it can
store ~1K key pairs, so it's not like we need two devices for 10 vs 5 keys.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-
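The schedule the thread is arguing about (keys generated N years ahead, one rollover per year, one key pre-published in the zone, one active, one in retirement) is easy to model, and doing so makes the two positions concrete: how many keys are resident and disseminated at any moment, and therefore how many would have to be replaced or revoked if a breach or algorithm flaw turned up in a given year. The following is an added example written for this page; it is not code from the thread, from ICANN, or from any signer or HSM software. The key labels, the years, and the rule that a retired key is dropped after one year are constructed assumptions, as is the simplification that a key is pre-published in the zone only during the year before it becomes active.

```python
"""Model of an N-years-ahead KSK generation schedule with annual rollovers.

Constructed example (not from the mailing-list thread or any real signer).
Assumptions: one rollover per year; key for year Y is generated Y - N;
it is pre-published in the zone during Y - 1, signs during Y, and sits in
retirement during Y + 1 before being removed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Ksk:
    key_id: str       # constructed label, e.g. "ksk-2035"
    active_year: int  # year in which this key signs the DNSKEY RRset


def schedule(first_active_year, years):
    """One KSK per calendar year, starting at first_active_year."""
    return [Ksk(f"ksk-{y}", y) for y in range(first_active_year, first_active_year + years)]


def state_at(keys, year, lead_years):
    """Classify every key by its lifecycle state during `year`.

    disseminated : generated and pushed out of band, not yet in the zone
    in_zone      : RFC 5011 style pre-publication, activates next year
    active       : currently signing
    retired      : signed last year, still held this year
    Keys generated more than lead_years ahead do not exist yet; keys
    older than the retirement year have been removed.
    """
    states = {"disseminated": [], "in_zone": [], "active": [], "retired": []}
    for k in keys:
        delta = k.active_year - year
        if delta == 0:
            states["active"].append(k.key_id)
        elif delta == -1:
            states["retired"].append(k.key_id)
        elif delta == 1:
            states["in_zone"].append(k.key_id)
        elif 1 < delta <= lead_years:
            states["disseminated"].append(k.key_id)
    return states


def keys_invalidated_by_compromise(keys, year, lead_years):
    """All key material that exists during `year` and would need replacing
    (and, where already disseminated, revoking) after a private-key breach,
    a flaw in the generation process, or an algorithm break found that year."""
    st = state_at(keys, year, lead_years)
    return sorted(st["disseminated"] + st["in_zone"] + st["active"] + st["retired"])


if __name__ == "__main__":
    keys = schedule(2020, 30)
    for n in (5, 10):
        st = state_at(keys, 2035, n)
        hit = keys_invalidated_by_compromise(keys, 2035, n)
        print(f"N={n}: {st['active']} active, {st['in_zone']} in zone, "
              f"{len(st['disseminated'])} disseminated, {st['retired']} retired; "
              f"{len(hit)} keys to replace on a 2035 compromise")
```

Run with no arguments it prints the steady-state picture for N=5 and N=10 in the same year: the active, in-zone and retired counts are identical, and the only thing N changes is the size of the disseminated pile (and so the number of keys that would need revoking), which is the trade-off both sides of the thread are describing.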