[dnssec-key-tf] Input for Requirements Requested
Jim Reid
Mon Mar 3 18:10:57 CET 2008
On 29 Feb 2008, at 13:56, Daniel Karrenberg wrote: > If you have any input on requirements, even if it is just in the form > of "this and that is very important to me", please let me have it > quickly. Just to start the ball rolling.... [1] The TAR should be technology neutral. It should not exclude or prevent different flavours of trust anchors to be published. [2] The TAR should be OS/DNS implementation neutral. Tools and documentation should be provided for the common platforms: "here's how to transform this tarball of crypto gunk into stuff to plug into your name server configuration". [3] The TAR should somehow verify the keying material it's given before publishing or storing it. There should also be a secure channel for authenticating the TAR and any data it's publishing. [4] A process is needed to revoke a trust anchor and notify those who may be using the now withdrawn or invalid trust anchor. [5] Everybody should sign up to T&C's that hold everyone else harmless. [6] The TAR should be clear what support, if any, is available. [7] The TAR must make it clear what they keying material is for and its political significance: eg "we're not undermining IANA" (or perhaps not) or "we make no claims about the appropriateness of the stuff in our TAR" (national sovereignty & competition issues). [8] The TAR should treat all parties equally. Provided they demonstrate suitable levels of DNSSEC clue. [9] There should be regular reviews of the TAR's usefulness: ie clear goals for defining "success" or "failure" and some way of establishing consensus around these goals. [10] The TAR must have exit and escrow strategies