[162204] in North American Network Operators' Group
Re: public consultation on root zone KSK rollover
daemon@ATHENA.MIT.EDU (David Conrad)
Fri Apr 5 20:52:24 2013
From: David Conrad <drc@virtualized.org>
In-Reply-To: <m2k3ogbmlg.wl%randy@psg.com>
Date: Sat, 6 Apr 2013 08:52:06 +0800
To: Randy Bush <randy@psg.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Randy,
On Apr 6, 2013, at 7:10 AM, Randy Bush <randy@psg.com> wrote:
> at some point, long passed, the more pomp, the less safe i feel. =20
Have you actually watched/participated in a root key signing ceremony? =
Pomp is not the term I would use.=20
> there
> is protecting against technical/engineering threats and protecting
> against layer 8 through 11. through complexity, it compromises the
> technical protection to go overboard on the lawyer defense.
Technical protection like those that protected Diginotar's customers? =
The elaborate root key signing ceremony is designed to ensure all =
aspects of root key management are open, transparent, and can be audited =
by anyone. While I'd agree that it is non-technical, the =
technical/engineering part is the easy bit. Protecting against insiders, =
laziness, and stupidity is _far_ harder.
>> In any event, if you haven't already I would encourage you to provide
>> comments at the URL Joe referenced.
>=20
> definitely. after all, commenting on icann insanities has had such
> serious beneficial effect for the good of the internet in the past.
I can guarantee that providing comments are infinitely more likely to =
have an impact than stomping off in a huff :)
Regards,
-drc
