ICANN: Review of Trusted Community Representation in Root Zone DNSSEC Key Signing Ceremonies

ICANN logoPurpose (Brief): Based on feedback from the current TCRs and our experience from the first 14 ceremonies, we are reviewing what changes, if any, should be made to the current model of Trusted Community Representative participation.
Current Status: Initial public consultation
Next Steps: Review consultation input
Section I: Description, Explanation, and Purpose:

Based on feedback from the current TCRs and our experience from the first 14 ceremonies, we are reviewing [PDF, 321 KB] what changes, if any, should be made to the current model of Trusted Community Representative participation.

Section II: Background:

Since July 2010, the DNS Root Zone has been secured using DNSSEC. The model of using DNSSEC in the DNS Root Zone revolves around a “key signing key” (KSK) that is managed by ICANN in two secure facilities. Four times a year, a ceremony is conducted at these facilities to perform operations involving the KSK. As a key part of this process, a minimum of three from a pool of 21 trusted community representatives (TCRs) attend each ceremony to enable access to the secure materials, to witness the procedure, and to attest that the ceremony was conducted properly.

Section III: Document and Resource Links:

Comment / Reply Periods

  • Comment Open Date: 21 January 2014
  • Comment Close Date: 11 February 2014 – 23:59 UTC
  • Reply Open Date: 12 February 2014
  • Reply Close Date: 4 March 2014 – 23:59 UTC

Important Information Links