nanog mailing list archives
Re: [ncc-services-wg] RPKI Resource Certification: building features
From: Randy Bush <randy () psg com>
Date: Mon, 04 Oct 2010 11:26:27 +0900
Do you think there is value in creating a system like this?
yes. though, given issues of errors and deliberate falsifications, i am not entirely comfortable with the whois/bgp combo being considered formally authoritative. but we have to do something.
Are there any glaring holes that I missed
yes. the operator should be able to hold the private key to their certificate(s) or the meaning of 'private key' and the security structure of the [ripe part of the] rpki is a broken. randy
Current thread:
- Re: [ncc-services-wg] RPKI Resource Certification: building features Randy Bush (Oct 03)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Owen DeLong (Oct 03)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Alex Band (Oct 04)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Owen DeLong (Oct 04)
- Message not available
- Re: [ncc-services-wg] RPKI Resource Certification: building features Owen DeLong (Oct 04)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Alex Band (Oct 04)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Owen DeLong (Oct 03)
- Message not available
- Re: [ncc-services-wg] RPKI Resource Certification: building features Randy Bush (Oct 04)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Alex Band (Oct 05)
- Re: [ncc-services-wg] RPKI Resource Certification: building features Randy Bush (Oct 05)
- <Possible follow-ups>
- Re: [ncc-services-wg] RPKI Resource Certification: building features mkarir (Oct 04)