nanog mailing list archives

Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)

From: Randy Bush <randy () psg com>
Date: Wed, 23 Nov 2005 16:39:11 -1000

[0] - i'll want the business cert to have the ca bit if i am
      large enough to have internal authorization process, and
      thus want to create and manage different certs for dns,
      billing, ...


We are discussing how we can do subsidiary certificate services like
this in APNIC but I think this goes outside of routing policy and into
registry business practices which are unlikely to be common for all RIR
and NIR in the ways that resource certificates *have* to be.


if it is not common across registries, and if my certs do not
work across registries, then something is very very broken,
and a major pita at the isps', aka your members', expense.

randy

Current thread:

Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security), (continued)
- - - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) George Michaelson (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Steven M. Bellovin (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) william(at)elan.net (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) George Michaelson (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Steven M. Bellovin (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Randy Bush (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) George Michaelson (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Steven M. Bellovin (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Randy Bush (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) George Michaelson (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Randy Bush (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) George Michaelson (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Randy Bush (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Steven M. Bellovin (Nov 23)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Sean Donelan (Nov 24)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Kurt Erik Lindqvist (Nov 25)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Kurt Erik Lindqvist (Nov 25)
- Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Sandy Murphy (Nov 23)
- Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Sandy Murphy (Nov 24)
  - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) Randy Bush (Nov 28)
    - Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security) william(at)elan.net (Nov 28)