[AusNOG] Trusted Community Representatives

[Kim Davies]

Quoting Terry Manderson on Friday April 16, 2010:
| 
| Kim might be able to clarify, but from my reading of the process the TCR roles of Crypto officer and Recovery Key share holder is to hold either the physical key or smart card (respectively) in such a secure way that no others have access to it.

Right. The primary role of the Crypto Officer is that a quorom of them
must be present in order to gain access to the Key Signing Key in
future. Recovery Key Share Holders hold small pieces of the private
keys, so that in the event of a disaster, the private key can be
reconstructed with their group participation. Both roles can not do
anything independently with their piece alone, and will be called upon
to keep them safe for the time when they are required to be used.

All of the "m of n" functions are controlled by the HSM equipment, which
is kept entirely offline, and any interaction with it is in the form
of a "ceremony" which will be recorded, be audited, and have community
participation.

| > AUSNOG would serve as a very awesome hub for physical Interaction and Dissemination of Keys.
| > Perhaps someone from APNIC who comes to all the AusNOG events and globetrots would be willing to act as the carrier pidgeon for Australia?

There are two ways participation by an Australian representative can
help build trust in the root zone keys. Firstly, by participating
in the ceremony, they can attest locally that they witnessed the
key generation, and that the key with fingerprint "x" is what they
witnessed being generated. If the person relaying this to the community
is trusted, the key can be adopted with more confidence than if it is
downloaded from a faceless website from across the sea.

Secondly, the trust anchor will be published as a CSR in PKCS#10 format,
so it can be signed by others who trust it.

kim