On Tue, Oct 21, 2008 at 09:30:24AM -0700, David Conrad wrote:
Hi,
On Oct 21, 2008, at 4:43 AM, B C wrote:
However one point that I would strongly support from the Verisign proposal is the multi user stewardship of the KSK (the M of N principle)
Just to be clear, the KSK signing ceremony is something that happens rarely, e.g. O(years). Given the importance of the event, it would
thats the ICANN plan, plans can and do change. are there assurances that this event will remain "rare"?
role should be reassigned prior to the ceremony). As such, M of N would imply that you could have non-unanimity in the creation of the KSK. This strikes me as a really questionable situation to get into. Given the relative rarity of the KSK generation event, I am unclear as to why the added complexity of M of N is beneficial. Could someone explain?
MofN does allow for non-unanimity - but clearly is consenus driven. one could argue that distributing risk by diffusing the responsibility actually increases the stability and robustness of a system. concentration of function (collect, edit, sign, publish) does have its attractions but the potential downsides due to lack of oversight seem to be showstoppers - at least from this part of the peanut gallery
Thanks, -drc
-- --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise).