Internic PGP Auth busted

ken emery ken at cnet.com
Sat Feb 21 01:04:18 UTC 1998


On Fri, 20 Feb 1998, Greg Ketell wrote:

> At 06:49 PM 2/20/98 -0500, Christopher Caldwell wrote:
> >According to the folks there, it's been down for quite some time (~a
> month).
> >Glad they sent us notification.
> >
> >They asked that I swap PGP with CRYPT to facilitate modifications for the
> >near future.
> 
> hmmm to make changes you have to PGP authenticate the request....
> Catch22, no?
> 
> Yes, I am being obnoxious.  You can obviously call them and have them
> update all your (how many?) domains manually do eliminate the pgp
> requirement so that you can then change each one to CRYPT.  [File away
> that first response that has your encrypted password.  I am told you don't
> ever get it again.]

Actually a couple of weeks ago I was able to get domains via PGP.  The weird 
thing was that they sent back two of them telling me they couldn't decode 
them (and right there is the return email they were fully decoded).  The 
even stranger thing was when I resubmitted things they came back and 
told me that the domains already existed.  So they actually added the 
domain for me and sent back the wrong message the first time.

> It would be Much nicer if they would just fix it.

Well uh, yeah...

bye,
ken emery




More information about the NANOG mailing list