Trusted Community Representatives Approach to DNSSEC Root Key Management
ICANN, as the IANA functions operator, seeks to improve confidence and acceptance in the DNSSEC security mechanism among the wider Internet community by inviting recognized members of the DNS technical community to be part of the key generation, key backup and key signing process for the root.
As part of the joint effort to secure the domain name system (DNS) and the Root DNSSEC key management process currently under consideration, a number of persons acting as trusted representatives of the Internet community will be sought to participate in the root key generation and signing ceremonies. These persons are called Trusted Community Representatives (TCRs).
ICANN will select 21 TCRs and a number of candidate TCRs. Initially, this will be done on a provisional basis to determine the approach's viability based on the success of the first Hardware Security Module (HSM) initialization and key generation that is scheduled for June 2010. The selection will be based on Statements of Interest, solicited from the Internet community at http://www.root-dnssec.org/tcr/. Persons considered affiliated with ICANN, VeriSign or the U.S. Department of Commerce may not become a Trusted Community Representative.
For more information: http://www.root-dnssec.org/wp-content/uploads/2010/04/ICANN-TCR-Proposal-20100408.pdf [PDF, 102 KB]