public consultation on root zone KSK rollover

Fri Apr 5 16:53:09 UTC 2013

Brandon,

On Apr 4, 2013, at 5:35 PM, Brandon Butterworth <brandon at rd.bbc.co.uk> wrote:
>> You do realize this requires changing validating resolver
>> configuration data, right?
> 
> Yes. How hard can it be (answer not required).
> 
> While it's quaint that the elders of the internet meet and bless each
> new key I don't think this scales.

The point of the wildly over-engineered root key signing ceremony is to build trust by publicly demonstrating at every step there is no opportunity for intentional or accidental badness to occur without being noticed.  Compare this to the processes used by commercial X.509CAs when they roll their root keys (you might also want to look at how often they roll their keys).

> I know it's not easy but it needs to be simple and automatic for wide deployment.

Even with RFC 5011 support in every validating resolver on the planet (not holding my breath), this requires all of those validating resolvers to accept a directive from the "outside" which instructs software to write something to permanent storage.  I can easily imagine some folks being a bit nervous about this. Particularly given it would seem some CPE developers can't figure out how to write DNS resolvers that can be configured to not respond to arbitrary external queries.

Frequency of root key rolling is actually a fairly complicated risk/benefit tradeoff. Frequently rolling means its more likely that the roll will be successful globally. However, it also increases the risk of (a) breaking DNS resolution for some percentage of the Internet and (b) catastrophically failing such that RFC 5011-style rollover will no longer work necessitating a manual reconfiguration of every validating resolver on the Internet. "Choose wisely".

In any event, if you haven't already I would encourage you to provide comments at the URL Joe referenced.

Regards,
-drc