The IANA team, and the broader ICANN organization, have been giving significant 
thought to the Coronavirus pandemic and its impact on root zone KSK operations. 
Managing the KSK is centred on conducting "key signing ceremonies", where 
trusted community representatives (TCRs) attend from around the world to 
witness utilization of the root zone KSK private key. This approach seeks to 
engender trust in the broader community that the key has not been compromised, 
in addition to more typical controls such as third-party auditing.

In light of world events we have developed contingency plans around how to hold 
key ceremonies in the short term. To that end, we identified a graduated set of 
options, in summary:

  1.  Hold the next ceremony as planned on April 23, with a quorum of 
participants globally.
  2.  Hold the next ceremony on a different date using only US-based TCRs.
  3.  Hold the next ceremony using our disaster recovery procedure, which 
provides for a staff-only ceremony (i.e. no TCRs would be physically present).
In general, our goal has been to navigate from Option 1, and if that is not 
possible, Option 2, and so on. However, at this time, our focus is on 
developing a plan around Option 3.

The ceremony is currently scheduled unusually early in the quarter (it is 
typically held in May), and needs to be held to generate signatures that will 
be needed in production for July. Our contingency plan is comprised of:

  *   Holding the ceremony with a bare minimum of staff (approximately 6);
  *   Using 3 TCRs’ credentials, either by having their access key transferred 
to us in a secure manner in advance of the ceremony, or by drilling the safety 
deposit box that holds their secure elements.
  *   Holding the ceremony under typical audit coverage, allowing for remote 
witnessing of events by all, plus providing additional opportunities for TCRs 
to stay involved in the process remotely.
  *   Signing key materials to cover one or more subsequent quarters, to 
provide relief from the need to necessarily hold ceremonies later in 2020 if 
circumstances disallow it. (The additional signatures would be withheld 
securely until they are needed.)
Our key management facilities were designed with the disaster recovery 
capability of performing staff-only ceremonies in mind, but this is a 
significant shift from normal operations and we want to promote broader 
community awareness of this work. Those directly involved in key ceremonies - 
the trusted community representatives, our vendors and auditors - have been 
consulted and are broadly supportive of this effort.

Should there be any specific feedback you would like to share with our team, 
please email me <> and we will take it into consideration as 
we finalize our plans.
Thank you for your support,

Kim Davies
VP, IANA Services, ICANN
President, Public Technical Identifiers (PTI)
root-dnssec-announce mailing list

By submitting your personal data, you consent to the processing of your 
personal data for purposes of subscribing to this mailing list accordance with 
the ICANN Privacy Policy ( and the website 
Terms of Service ( You can visit the Mailman 
link above to change your membership status or configuration, including 
unsubscribing, setting digest-style delivery or disabling delivery altogether 
(e.g., for a vacation), and so on.

Reply via email to