nanog mailing list archives

Re: LOAs for Cross Connects - Something like PeeringDB for XC


From: Randy Bush <randy () psg com>
Date: Mon, 22 Feb 2021 19:40:30 -0800

>>> you can sign over something which says "the person identified by the
>>> following public key is to be permitted to ..."

>> you mean the fraudulent attacker who owned that INR seems to have signed
>> this request for a €1.000.000,49 wire transfer to their iban.  a person
>> is not identified by that signature.

> If someone has a valid CA cert/key from the RIR, it's very hard to
> argue 'fraudulent'.
> It's, however, "easy" for the RIR to reverse the error, right? :)

sorry.  by 'fraudulent' i meant that they have no authority to request
the funds.  you just know they own some INR.  and if they request it
again, you might be confident it is at least the same attacker :)

now, you and i could agree formally, i.e. provably, out of band say
using pgp or whatever, that ownership of some INR identifies you.

or we could use some arbitrary other PKI entirely, e.g., X.400 was meant
for this.  but, as i said, karen, heather, and lucy know the personal
and organisational identity space far better than i.  i just know enough
about the rpki that it is very intentionally not in that identity space.

but think about the dance that prudent folk do to accept pgp keys, and
pgp has fingerprints to make it a bit easier to do oob verification.
but that verification uses an external identity provider, e.g. passport
or whatever makes you comfortable.  now infer what we would need to do
to accept an rpki INR key as a proof of identity.

randy

---
randy () psg com
`gpg --locate-external-keys --auto-key-locate wkd randy () psg com`
signatures are back, thanks to dmarc header mangling
