Hi George,

Yes, this seems to me to be a valid rollover scheme. Essentially it is a
second variety of the Double-DS rollover, where a KSK Double-DS rollover
is combined with ZSK Pre-Publish rollover.

Section 4.1.4 does provide text on a second variety of the
straightforward STSS rollover, where the new key only signs the DNSKEY
set, not the other RRsets. When the new DNSKEY has propagated, you
replace the signatures of K_1 with those of K_2. The CSK, so to speak, is
temporarily considered a ZSK. That text also mentions that in this case,
a KSK/ZSK split may be a better option.

Basically, you describe a second variety of the STSS Double-DS rollover.
In your scheme, the new CSK is also temporarily considered a ZSK. So,
perhaps in this case, it is also advisable to use a KSK/ZSK split option.

I would like to propose the following text to add at the end of section
4.1.4:

   There is also a second variety of the Double-DS rollover, during
   which one introduces a new DNSKEY into the key set and submits the
   new DS to the parent. The new key is not yet used to sign RRsets.
   One replaces the DNSKEY_S_1 signatures with signatures
   made with DNSKEY_S_2 at the moment that DNSKEY_S_2 and DS_S_2 have
   been propagated.

   Again, this second variety of this rollover can be considered when
   zone size considerations prevent the introduction of double
   signatures over all of the zone data, although also in this case
   choosing a KSK/ZSK split may be a better option.


Best regards,

Matthijs

On 05/09/2011 08:22 AM, George Barwood wrote:
> I have a comment about section 4.1.4, Rollover for a Single Type Signing Key
> rollover.
> 
> The following simple scheme doesn't seem to be covered.
> 
> (1) Introduce new key DNS_K_2
> 
> (2) Add DS record for DNS_K_2 to parent zone.
> 
> (3) Wait for DNS_K_2 and its DS record to propagate.
> 
> (4) Stop signing with DNS_K_2, start signing with DNS_K_1
> 
> (5) Wait for DNS_K_2 signatures to propagate.
> 
> (6) Remove DNS_K_1 from child and its DS record from parent.
> 
> This has the advantage of minimising the size of the signed DNSKEY response,
> to 2 x DNSKEY and 1 x RRSIG, and doesn't involve double signatures.
> 
> It is double-DS, but given that DS records are relatively small, this may be
> a lesser consideration, whereas the size of the DNSKEY response is most
> likely to be affected by fragmentation/TCP fallback considerations.
> 
> George Barwood
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop
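The following is an added illustration, not part of either message above and not code from any DNS signer. It models the six-step scheme George lays out, following Matthijs's proposed wording for step 4 (the new key takes over signing once its DNSKEY and DS have propagated), and checks the property a validator cares about: at every instant, whatever combination of DS RRset, DNSKEY RRset and zone-data RRSIGs a resolver may still hold in cache, the chain parent DS -> DNSKEY -> RRSIG must validate. Time is in abstract ticks; the TTL values, the key tags 1 and 2 (standing in for DNSKEY_1 and DNSKEY_2) and the wait lengths are constructed for the example. Shortening either wait shows exactly which cached combination breaks.

```python
"""Timeline model of the Double-DS / pre-publish rollover for a single-type
signing scheme (one CSK signing at a time).  Added example; not code from
the thread or from any DNS signer.  Ticks, TTLs and key tags are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class DnskeyRRset:
    keys: frozenset       # key tags published in the DNSKEY RRset
    signed_by: frozenset  # key tags whose RRSIGs cover the DNSKEY RRset


def cached_versions(history, ttl, t):
    """All versions of a record set that some resolver may hold at tick t.

    history: ascending list of (first_tick_authoritative, value).  A copy
    fetched at tick s stays cached for s <= t < s + ttl, so a version is
    still possible at t if it was authoritative at some tick s > t - ttl.
    """
    possible = []
    for i, (start, value) in enumerate(history):
        if start > t:
            break
        nxt = history[i + 1][0] if i + 1 < len(history) else None
        if nxt is not None and nxt <= start:
            continue                      # never authoritative (degenerate input)
        last = t if nxt is None or nxt > t else nxt - 1   # last tick it was served
        if last + ttl > t:
            possible.append(value)
    return possible


def validates(ds, dnskey, data_signers):
    """Chain of trust for one cached combination: DS -> DNSKEY -> RRSIG."""
    trusted = ds & dnskey.keys               # a DS must match a published key
    if not trusted & dnskey.signed_by:       # that key must sign the DNSKEY RRset
        return False
    return bool(data_signers & dnskey.keys)  # zone data signed by a published key


def check_timeline(ds_hist, dnskey_hist, data_hist, ttls, horizon):
    """Return every (tick, ds, dnskey, data_signers) combination that fails."""
    ttl_ds, ttl_dnskey, ttl_data = ttls
    failures = []
    for t in range(horizon + 1):
        for ds in cached_versions(ds_hist, ttl_ds, t):
            for dk in cached_versions(dnskey_hist, ttl_dnskey, t):
                for sig in cached_versions(data_hist, ttl_data, t):
                    if not validates(ds, dk, sig):
                        failures.append((t, ds, dk, sig))
    return failures


def double_ds_prepublish(ttl_ds, ttl_dnskey, ttl_data, wait_a=None, wait_b=None):
    """George's six steps with K1 the old CSK and K2 the new one.

    wait_a: ticks between step 2 and step 4 (DNSKEY_2 and DS_2 propagation)
    wait_b: ticks between step 4 and step 6 (K2 signature propagation)
    Defaults are one full TTL; pass smaller values to see what breaks.
    """
    K1, K2 = frozenset({1}), frozenset({2})
    both = K1 | K2
    if wait_a is None:
        wait_a = max(ttl_ds, ttl_dnskey)
    if wait_b is None:
        wait_b = max(ttl_data, ttl_dnskey)
    pre, t_intro, t_sign, t_remove = -1, 0, wait_a, wait_a + wait_b
    ds_hist = [(pre, K1), (t_intro, both), (t_remove, K2)]   # steps 2 and 6
    dnskey_hist = [
        (pre, DnskeyRRset(K1, K1)),         # steady state before the rollover
        (t_intro, DnskeyRRset(both, K1)),   # step 1: K2 published, not signing
        (t_sign, DnskeyRRset(both, K2)),    # step 4: K2 takes over signing
        (t_remove, DnskeyRRset(K2, K2)),    # step 6: K1 withdrawn
    ]
    data_hist = [(pre, K1), (t_sign, K2)]   # step 4 for the other RRsets
    horizon = t_remove + max(ttl_ds, ttl_dnskey, ttl_data)
    return check_timeline(ds_hist, dnskey_hist, data_hist,
                          (ttl_ds, ttl_dnskey, ttl_data), horizon)


if __name__ == "__main__":
    print("full waits, failures:", double_ds_prepublish(4, 3, 2))
    bad = double_ds_prepublish(4, 3, 2, wait_a=1)
    print("step 3 cut short, first failing combination:", bad[0])
```

With the default waits the failure list is empty. Cutting step 3 short lets a resolver combine the old DS (still pointing only at K1) with the new DNSKEY RRset signed by K2, which is exactly the case the "wait for DNS_K_2 and its DS record to propagate" step exists to rule out; cutting step 5 short leaves K1-signed data or a K1-signed DNSKEY RRset in caches after K1 and DS_1 are gone.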
