nanog mailing list archives
Re: Web expert on his 'catastrophe' key for the internet
From: Sean Donelan <sean () donelan com>
Date: Fri, 30 Jul 2010 01:14:44 -0400 (EDT)
On Fri, 30 Jul 2010, Joe Abley wrote:
One observation from a non-crypto operations guy that was drawn into this project and has learnt a lot from having to implement the infrastructure designed by real crypto people: security is not always obvious. What seems like a flaw is often not, and what seems safe is often risky. There is a great deal to learn about security engineering, and what seems obvious is frequently not.
Trust is also based on perception, whether justified or not.The participants in the community wanted this kind of key ceremony and many ceremonial key holders for a variety of reasons. If the community changes its mind in the future, and wants a different kind of key ceremony and ceremonial key holders, then submit comments and propose changes.
Whether Recovery Key Share Holders serve any useful role after the HSMs are initialized is one of those questions that lots of beer may help.
Current thread:
- Re: Web expert on his 'catastrophe' key for the internet, (continued)
- Re: Web expert on his 'catastrophe' key for the internet Jorge Amodio (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Valdis . Kletnieks (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Jorge Amodio (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Doug Barton (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Franck Martin (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Doug Barton (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Franck Martin (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet James Hess (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Marshall Eubanks (Jul 29)
- Re: Web expert on his 'catastrophe' key for the internet Joe Abley (Jul 31)
- Re: Web expert on his 'catastrophe' key for the internet Sean Donelan (Jul 29)