[Opendnssec-develop] Zone moving between operators
Jakob Schlyter
jakob at kirei.se
Mon Mar 23 21:24:51 UTC 2009
On 23 mar 2009, at 11.54, Matthijs Mekking wrote:
> * Should we really want to use the same key for multiple zones? It
> could
> have great impact if it became compromised. And does KASP has the
> logic
> if a key for zone A needs to be rollovered, but must be kept for other
> zones.
could you, or someone else, describe a scenario where one key in a HSM
would be compromised and while other keys in the same HSM are not?
(given that we use RSA with resonable key lengths)
jakob
More information about the Opendnssec-develop
mailing list