[Opendnssec-develop] Zone moving between operators

Jakob Schlyter jakob at kirei.se
Mon Mar 23 21:24:51 UTC 2009

On 23 mar 2009, at 11.54, Matthijs Mekking wrote:

> * Should we really want to use the same key for multiple zones? It  
> could
> have great impact if it became compromised. And does KASP has the  
> logic
> if a key for zone A needs to be rollovered, but must be kept for other
> zones.

could you, or someone else, describe a scenario where one key in a HSM  
would be compromised and while other keys in the same HSM are not?  
(given that we use RSA with resonable key lengths)


More information about the Opendnssec-develop mailing list