<<<
Chronological Index
>>> <<<
Thread Index
>>>
Feedback on FY 12 SSR Framework
- To: ssr-fy12@xxxxxxxxx
- Subject: Feedback on FY 12 SSR Framework
- From: Thierry Moreau <thierry.moreau@xxxxxxxxxxxxx>
- Date: Mon, 06 Jun 2011 17:02:20 -0400
Dear Sirs:
While I gleaned through the documents (page 13 on part B), I noticed
this mention of SysTrust audit to be completed for the DNSSEC key
rollover process. This activity should have been completed by now.
In the meantime, the public may assume that the SysTrust audit did not
proceed as well as it could have since the completion of the first KSK
ceremony. Maybe the very unique nature of the procedures to be audited
delay somehow the activity completion, or some specific audit aspects
are outstanding or unresolved.
The DNSSEC KSK management processes were established by a process with
some transparency and community feedback. Actually an unprecedented
level of transparency and community feedback for this type of key
management process. Unfortunately, as an expert in the field (systemwide
cryptographic key management), I still missed a round of public comment
at a critical point in the procedure development process, and I later
identified a remaining weakness in the final process. Accordingly, I am
eager to see the outcome of the SysTrust audit, which I hope will be
released in the spirit of transparency. Maybe the SysTrust audit is due
to the larger community in order to put expert opinions like mine in a
broader perspective.
Thanks for the opportunity to provide input to the ICANN activity planning.
--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
Tel. +1-514-385-5691
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|