BGP Security and PKI Hierarchies (was: Re: Wifi Security)
Sandy Murphy
sandy at tislabs.com
Tue Nov 22 20:31:11 UTC 2005
>Otherwise, you have to be storing a plethora of
>> different signers' certificates to be able to validate all the
>> institution's certificates that come in.
>
>you need those certs to verify the live data anyway
Yes, the reason why you want to validate the institution's certificates
is so you can verify the data signed with that cert (signed with the private
key associated with the public key in the cert, to be explicit).
--Sandy
More information about the NANOG
mailing list