(1) I'm not trying to impugn the good work that was done in securing the root
key. It was good work, and I think it was very cool. I am just asking if,
despite that good work, an NSL could get around it. It's a fair question.
The answer may be "no," or "not without it becoming public," or "with great
difficulty." I doubt it's "easily." But it's worth asking. When you did
the root signing, we were certainly thinking about this threat model, but it
was a bit more academic then than it is now. I think we still had some
illusions that the U.S. government at least would choose a more constrained
attack than taking the key to everything; we now know that the government feels
no such burden of restraint—they apparently feel that they can be trusted with
that key, and we should be willing to provide it.
(2) This attack is actually easier on TLDs than on the root, so I really asked
the wrong question. Although taking the root would be useful, it would be
less useful than taking .COM and .ORG and .EDU. With any of those keys, your
chances of doing a mass attack on a single DANE-secured domain are much better.
(3) So, are they all as secure as the root?