TLD DS Distribution
There will be two problems discussed here. Getting the root DS key out in a secure and on time manner. Securely receving DS's from TLDs. These problems sounds simple to solve, but their actually not. Distributing the DS keys is easy, but ensuring the people receving the keys can trust them is not. We need to ensure both keys sent and received are trustworthy. This comes down to GPG and the web of trust ideals.
Root DS Distribution
We've had a few ideas for ways we can distribute the root DS keys, they've all been listed on the project page.
GPG
Making the DS key available for download on some webspace would allow easy download access. This key could then be GPG verified via a quick TXT DNS lookup for the GPG sig.HTTPS
Making the DS available on a HTTPS server, so the end user can trust the SSL cert. This idea would require the creation of an OpenNIC CA server. Not a bad idea, as the CA is on our task list already.TLD DS Receving
We also need a solution to get the DS keys from TLDs. I have only one idea for this so far which came from Brianko.