Publication and Administration Policies of the DNSSEC Keys

Introduction

Registro.br uses 3 key pairs for DNSSEC signatures:

  • KSK BR (BR zone's Key Signing Key): Its private key is only used to sign the set of public keys of the BR zone, i.e., KSK BR and ZSK BR public keys.
  • ZSK BR (BR zone's Zone Signing Key): Its private key is used to sign BR zone's authoritative records: zone apex RRsets (except DNSKEY RR) and DS and NSEC RRsets.
  • ZSK *.BR (BR children's Zone Signing Key): Its private key is used to sign authoritative records of all second level BR zones: apex RRsets of these zones and DS and NSEC/NSEC3 RRsets.

Further information on the policies described below is available in the DNSSEC Practice Statement.

Key generation procedure

All key pairs are generated using software developed by Registro.br and specialized random number generation hardware.

  • KSK BR: This key pair is generated and stored in cryptographic hardware (HSM, Hardware Security Module) connected only to the DNS publication server. The algorithm used is ECDSA Curve P-256 with SHA-256.
  • ZSK BR: This key pair is generated in the on-line signer (a server connected only to the DNS publication server). ECDSA Curve P-256 with SHA-256 is the algorithm used.
  • ZSK *.BR: This key pair is generated in the on-line signer. ECDSA Curve P-256 with SHA-256 is the algorithm used.

The connections from the DNS publication server to the on-line signer and to the HSM use a dedicated cable and are used only to send the records to be signed and to receive the signatures.

Key sizes

KSK BR:

  • From 06/2007 to 05/2015: 1280 bits;
  • From 05/2015 to 07/2015: 2 keys during rollover, old one with 1280 bits and new one with 1536 bits;
  • From 07/2015 to 20/08/2018: 1536 bits;
  • From 20/08/2018 to 23/08/2018: 2 keys during an algorithm rollover, an RSASHA1 key of 1536 bits and an ECDSA Curve P-256 with SHA-256 key (512 bits);
  • Since 23/08/2018: ECDSA Curve P-256 with SHA-256 (512 bits).

ZSK BR:

  • From 06/2007 to 02/2015: 1152 bits;
  • From 02/2015 to 20/08/2018: 1280 bits;
  • 20/08/2018: 2 keys during an algorithm rollover, an RSASHA1 key of 1280 bits and an ECDSA Curve P-256 with SHA-256 key (512 bits);
  • Since 20/08/2018: ECDSA Curve P-256 with SHA-256 (512 bits).

ZSK *.BR:

  • From 06/2007 to 02/2015: 1024 bits;
  • From 02/2015 to 20/08/2018: 1280 bits;
  • 20/08/2018: 2 keys during an algorithm rollover, an RSASHA1 key of 1280 bits and an ECDSA Curve P-256 with SHA-256 key (512 bits);
  • Since 20/08/2018: ECDSA Curve P-256 with SHA-256 (512 bits).

Key usage

KSK BR:

  • KSKs BR are used twice a year, in ceremonies that generate the rollover schedule for the following 6 months and produce the signatures made with the KSK BR.
  • Input of the public keys to the off-line signer and output of their respective RRSIG records is done via removable media.
  • Signatures generated with KSKs BR in the HSM are valid for 3 weeks.

ZSK BR, ZSK *.BR:

  • ZSKs BR and ZSKs *.BR are used to sign zones automatically, whenever incremental changes are made to a zone or a full publication is done.
  • Private keys held in the on-line signer are never directly manipulated there.
  • Signatures generated with ZSKs are valid for 14 days.

Key rollovers

Regular KSK BR rollover

Programmed KSK BR rollovers are done every 2 to 5 years, always on the third Monday of May of the chosen year. The double-signing technique is used (RFC 6781 - section 4.1.2). During a period of 2 months there are 2 active KSKs BR.

0                     Year 2                   Year 5
|------------------------|------------------------|-------->
    KSK 1
|--------------------------|
                                KSK 2
                       |------------------------------|
                                                     KSK 3
                                                |------------....

Regular ZSK BR rollover

Programmed ZSK BR rollovers are done every 3 months, always on the first Monday of February, May, August and November. ZSKs BR are used for a little over 3 months and the pre-publishing technique is used (RFC 6781 - section 4.1.1.1).

0                    3 months                  6 months
|------------------------|------------------------|-------->
    ZSK 1                   #
|--------------------------|-|
                          *      ZSK 2               #
                         |-|------------------------|-|

During the periods of pre-publishing (*) and post-publishing (#), ZSKs are not used for signing.

Regular ZSK *.BR rollover

Programmed ZSK *.BR rollovers are done monthly, always on the second Monday of the month. ZSKs *.BR are used for a little over 1 month and the pre-publishing technique is used (RFC 6781 - section 4.1.3).

0                    1 month                   2 months
|------------------------|------------------------|-------->
    ZSK 1                   #
|--------------------------|-|
                          *      ZSK 2               #
                         |-|------------------------|-|

During the periods of pre-publishing (*) and post-publishing (#), ZSKs are not used for signing.
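The rollover calendars above (KSK BR, ZSK BR and ZSK *.BR) and the pre-publish timeline from the diagrams, as an added example in Python that is not Registro.br's own code. The 14-day ZSK signature validity comes from the page; the TTL of the DNSKEY and signed RRsets is an assumption the page does not state, and the key tags are constructed values.

```python
from datetime import date, timedelta
import calendar

# From the page: signatures made with ZSKs are valid for 14 days.
ZSK_SIG_VALIDITY = timedelta(days=14)
# Assumption (the page does not state it): TTL of the DNSKEY and signed RRsets.
TTL = timedelta(days=1)

def nth_weekday(year, month, n, weekday=calendar.MONDAY):
    """Date of the n-th given weekday of a month (n=1 is the first)."""
    first = date(year, month, 1)
    return first + timedelta(days=(weekday - first.weekday()) % 7 + 7 * (n - 1))

def zsk_br_rollovers(year):
    """Regular ZSK BR rollovers: first Monday of February, May, August, November."""
    return [nth_weekday(year, m, 1) for m in (2, 5, 8, 11)]

def zsk_child_rollovers(year):
    """Regular ZSK *.BR rollovers: second Monday of every month."""
    return [nth_weekday(year, m, 2) for m in range(1, 13)]

def ksk_br_rollover(year):
    """Regular KSK BR rollover in a chosen year: third Monday of May."""
    return nth_weekday(year, 5, 3)

def prepublish_window(rollover, ttl=TTL):
    """Pre-publish rollover (RFC 6781, 4.1.1.1): the new ZSK enters the DNSKEY RRset
    at least one TTL before it starts signing ('*' in the diagrams); the old ZSK
    stays published until every RRSIG it made has expired from caches ('#')."""
    return rollover - ttl, rollover + ZSK_SIG_VALIDITY + ttl

def published_keytags(at, rollover, old_tag, new_tag, ttl=TTL):
    """Key tags in the DNSKEY RRset on date 'at' under that schedule."""
    new_in, old_out = prepublish_window(rollover, ttl)
    return {t for t, ok in ((old_tag, at < old_out), (new_tag, at >= new_in)) if ok}

def sign(at, rollover, old_tag, new_tag):
    """RRSIG (keytag, inception, expiration) for a record signed on 'at': the old
    ZSK signs until the rollover day, the new one from then on."""
    tag = old_tag if at < rollover else new_tag
    return tag, at, at + ZSK_SIG_VALIDITY

def validatable(at, dnskey_keytags, rrsig):
    """A resolver can validate rrsig on date 'at' only if its signing key is still
    in the DNSKEY RRset and the date lies within the signature's validity."""
    keytag, inception, expiration = rrsig
    return keytag in dnskey_keytags and inception <= at <= expiration
```

Dropping the old ZSK from the DNSKEY RRset on the rollover day instead of after the post-publish period would leave resolvers unable to validate the last signatures it made, which is what the '#' interval prevents.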

Emergency rollover

Emergency key rollovers might be necessary if any of the private keys is disclosed, i.e., Registro.br has lost control of the key through unauthorized copying, loss or theft, or the private key has been recovered through cryptanalysis.

If a key is disclosed, its use will be discontinued as soon as possible and a new key will be generated and published. All possible measures will be taken to keep the chain of trust consistent in these situations.

Key Distribution

The DS record for the KSK BR is published at the root zone.