Apparently the DNS root key is protected by what sounds like a five-of-seven threshold scheme, but the description is a bit unclear. Does anyone know more?
(Oh, and for people who want to quibble over "practically-deployed", I'm not aware of any real usage of threshold schemes for anything, at best you have combine-two-key-components (usually via XOR), but no serious use of real n- of-m that I've heard of. Mind you, one single use doesn't necessarily count as "practically deployed" either). Peter (who has two more Perry-DoS-ing conversation-starter posts to make, but will leave them for awhile now :-). --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com