nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [arin-announce] ARIN Resource Certification Update

From: "Carlos M. Martinez" <carlosm3011 () gmail com>
Date: Sun, 30 Jan 2011 15:56:18 -0200
Hey!

Steinar Haug, Nethelp consulting, sthaug () nethelp no

Because they publish data you have signed. They don't have the ability
to modify the data and then sign that modification as if they were you if
they aren't holding the private key. If they are holding the private key,
then, you have, in essence, given them power of attorney to administer
your network.

If you're OK with that, more power to you. It's not the trust model I would
prefer.


I think that is the whole point. Hosted is fine with some, top-down will
be preferred by others. Will top-down be intrinsically more secure than
hosted? I am tempted to say yes, but I have some doubts on that too.

What top-down certainly does is getting you out of the lawyers' sights.
Mostly anyways.


Owen

Carlos
Previous By Date Next
Previous By Thread Next

Current thread: