[dns-wg] NTIA NoI: does anyone care?
Bill Manning bmanning at ISI.EDU
Tue Oct 21 19:43:20 CEST 2008
On Tue, Oct 21, 2008 at 09:30:24AM -0700, David Conrad wrote: > Hi, > > On Oct 21, 2008, at 4:43 AM, B C wrote: > >However one point that I would strongly support from the Verisign > >proposal is the multi user stewardship of the KSK (the M of N > >principle) > > Just to be clear, the KSK signing ceremony is something that happens > rarely, e.g. O(years). Given the importance of the event, it would thats the ICANN plan, plans can and do change. are there assurances that this event will remain "rare"? > role should be reassigned prior to the ceremony). As such, M of N > would imply that you could have non-unanimity in the creation of the > KSK. This strikes me as a really questionable situation to get into. > Given the relative rarity of the KSK generation event, I am unclear as > to why the added complexity of M of N is beneficial. Could someone > explain? MofN does allow for non-unanimity - but clearly is consenus driven. one could argue that distributing risk by diffusing the responsibility actually increases the stability and robustness of a system. concentration of function (collect, edit, sign, publish) does have its attractions but the potential downsides due to lack of oversight seem to be showstoppers - at least from this part of the peanut gallery > > Thanks, > -drc -- --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise).
[ dns-wg Archives ]