Re: [dns-wg] NTIA NoI: does anyone care?

[Bill Manning bmanning@localhost]

On Tue, Oct 21, 2008 at 09:30:24AM -0700, David Conrad wrote:
> Hi,
> 
> On Oct 21, 2008, at 4:43 AM, B C wrote:
> >However one point that I would strongly support from the Verisign  
> >proposal is the multi user stewardship of the KSK (the M of N  
> >principle)
> 
> Just to be clear, the KSK signing ceremony is something that happens  
> rarely, e.g. O(years).  Given the importance of the event, it would  

	thats the ICANN plan, plans can and do change.
	are there assurances that this event will remain "rare"?


> role should be reassigned prior to the ceremony).  As such, M of N  
> would imply that you could have non-unanimity in the creation of the  
> KSK.  This strikes me as a really questionable situation to get into.   
> Given the relative rarity of the KSK generation event, I am unclear as  
> to why the added complexity of M of N is beneficial.  Could someone  
> explain?

	MofN does allow for non-unanimity - but clearly is consenus driven.
	
	one could argue that distributing risk by diffusing the responsibility
	actually increases the stability and robustness of a system.  concentration
	of function (collect, edit, sign, publish) does have its attractions
	but the potential downsides due to lack of oversight seem to be 
	showstoppers - at least from this part of the peanut gallery

> 
> Thanks,
> -drc

-- 
--bill

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).