nanog mailing list archives
Re: [arin-announce] ARIN Resource Certification Update
From: sthaug () nethelp no
Date: Sun, 30 Jan 2011 17:28:04 +0100 (CET)
- Hosted solutions offer a low barrier entry to smaller organizations who simply cannot develop their own PKI infrastructure. This is the case where they also lack the organizational skills to properly manage the keys themselves, so, in most cases at least, they are *better off* with a hosted solutionThey also offer an attractive target for miscreants with a huge payoff if they are ever compromised.
...
For RIPE, their hosted solution is clearly meeting expectations within their region. Other regionĀ“s mileage may vary. I hope we (LACNIC) can do just as well.We'll see how people feel after the first time it gets pwn3d.
I am already trusting RIPE with my data - specifically, RIPE publishes route objects for my prefixes, and my transit providers generate their prefix lists based on these route objects. I fail to see how a hosted RPKI solution would make this situation worse. Steinar Haug, Nethelp consulting, sthaug () nethelp no
Current thread:
- Re: [arin-announce] ARIN Resource Certification Update, (continued)
- Re: [arin-announce] ARIN Resource Certification Update Christopher Morrow (Jan 24)
- Re: [arin-announce] ARIN Resource Certification Update Joe Abley (Jan 25)
- Re: [arin-announce] ARIN Resource Certification Update Roland Dobbins (Jan 25)
- Re: [arin-announce] ARIN Resource Certification Update Charles N Wyble (Jan 25)
- Re: [arin-announce] ARIN Resource Certification Update John Curran (Jan 29)
- Re: [arin-announce] ARIN Resource Certification Update Arturo Servin (Jan 29)
- Re: [arin-announce] ARIN Resource Certification Update Owen DeLong (Jan 29)
- Re: [arin-announce] ARIN Resource Certification Update Carlos Martinez-Cagnazzo (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Owen DeLong (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update sthaug (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Owen DeLong (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Carlos M. Martinez (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Jeff Wheeler (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Alex Band (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Carlos Martinez-Cagnazzo (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Owen DeLong (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Leen Besselink (Jan 30)
- Re: [arin-announce] ARIN Resource Certification Update Mark Andrews (Jan 30)