Skip to main content

custodial rotation

Definition

Rotation based on control authority that is split between two key sets. The first for signing authority and the second (pre-roateted) for rotation authority the associated thresholds and key list can be structured in such a way that a designated custodial agent can hold signing authority while the original controller can hold exclusive rotation authority.

Partial pre-rotation supports the important use case that of custodial key rotation to authorize a custodial agent.
Paraphrased by @henkvancann on the bases of the IETF-KERI draft 2022 by Samual Smith.