Validating rights to announce a prefix
robert at ripe.net
Fri Aug 15 05:17:17 CDT 2008
michael.dillon at bt.com wrote:
>> Okay, I admit I haven't paid the closest attention to RPKI,
>> but I have to ask: Is this a two-way shared-key issue, or
>> (worse) a case where we need to rely on a central entity to
>> be a key clearinghouse?
>> The reason why I mention this is obvious -- the entire PKI
>> effort has been stalled (w.r.t. authority) because of this
>> particular issue.
> Who says there needs to be a PKI infrastructure in order to
> do this? There are other ways of authenticating data. For instance
> ARIN could hold the data that they have validated on their own
> servers and people could use HTTPS queries to ensure that they
> get the answers that they thought they would get.
I must point out that HTTPS is still in PKI land - it's just "another one",
inviting otherwise unrelated parties (like Verisign et al.) into the system.
> As for how the address owner delegates the right to announce
> a prefix, they could either operate their own database and
> ARIN would have a pointer to it, or they could register the
> data in ARIN's database by some secure means. There is no
> reason why "secure means" could not include various out of
> band authentication systems.
The principles for this are included in the SIDR efforts.
> People are too hung up on cryotographically secure PKI systems
> which are way overkill for this problem. In fact, it should be
> possible to design an architecture that allows for an easy upgrade
> to PKI if it should be determined at some future date, that PKI
> is necessary.
It's hard to switch to a more secure method later on if you start with a
less secure one. So, "upgrading" to PKI from something else only makes sense
if that previous system was secure enough - but then why would you want to
> --Michael Dillon
More information about the NANOG