On 30 okt 2008, at 08.05, Patrik Fältström wrote:
a) It would be good if change of ZSK or KSK operator would NOT imply a silent period or _VERY_ complicated key rollover.
changing the holder of the ZSK (e.g. the root zone maintainer) doesn't have to be very complicated. some time before the change of maintainers, the new maintainer would submit its first set of ZSK to the KSK holder for signing and the old maintainer would include this in the root zone for some short period of time. I do however believe that changing the holder of the KSK will be complicated, unless a proven automatic key rollover mechanism has been developed, implemented _and_ deployed. so while I wouldn't hold my breath waiting for this to happen, I hope that the initial KSK holder will be stable and that it is possible to transfer the KSK in case the holder needs to be changed. jakob