BGP certificate insanity was: (DHS insanity - offtopic)

Joe Abley jabley at ca.afilias.info
Tue Apr 24 09:30:35 UTC 2007



On 24-Apr-2007, at 10:15, <michael.dillon at bt.com> wrote:

>> You might try taking a look at the various presentations at
>> NANOG/RIPE/ARIN/APNIC/APRICOT about the whole idea.  Central point: the
>> entity that gives you a suballocation of its own address space signs
>> something that says you now hold it.
>
> If the whois directories actually operated under some set of guidelines
> defining their purpose and scope which was enforced by the directory
> publishers, then there would be no need for this certificate nonsense.

How can anybody be sure that the random peering tech they are talking  
to really works for the organisation listed in the whois record? By  
visual inspection of the e-mail address? A faxed LOA on company  
letterhead?

Given a polished toolset, I'd take a signed ROA over any of those.


Joe



