On Jan 21, 2010, at 4:42 PM, Edward Lewis wrote: > As a matter of fact, a lot of the security credentials (SSH keys, passwords, > etc.) are rolled on a regular basis already, as part of institutional > security policies. > > But I think a point has been missed - the roll of keys on a periodic basis is > needed to *exercise the activity* if not achieve a higher level of security.
I'd recommend that 'exercise the activity' is not done on critical production systems. Roy _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
