[arin-announce] ARIN Resource Certification Update

Carlos Martinez-Cagnazzo carlos at lacnic.net
Sun Jan 30 10:10:11 CST 2011


> >There's a big difference. If a bank screws up and loses $5,000 of my
money, I
> > can (at least potentially) sue them and recover $5,000 which is  pretty much
> > identical to the $5,000 I lost.  If a key escrow company loses my private key,
> > getting back an identical private key is exactly the *wrong* solution.
> >
> > Crypto keys are not interchangable like dollar bills.
I never suggested that they were. I tried to point out a set of
institutions on which we place similar, if not higher, levels of trust
to those required to store a crypto key.

If your crypto bank loses your key, you can always revoke and resign.
And you'll be back on the air much faster than you can recover $5k from
a failed bank. And please do not get me out of context, I never said the
hosted solution was perfect, nor that the analogy applicable to every
aspect.

And I am not trying to extend the success of RIPE's hosted solution to
"everybody's digital identity". It is a vertical solution that is doing
well (and will hopefully continue to do so) on a vertical application.
For sure, it is probably not an example you can extend to other
applications.

Going back to money, I would *never* trust a hosted solution to hold a
key I use to access my online banking. This would clearly be a case
where a hosted solution is not applicable.

regards

Carlos

-- Carlos M. Martinez LACNIC I+D PGP KeyID 0xD51507A2 Phone:
+598-2604-2222 ext. 4419

	
Carlos Martinez Cagnazzo <carlos at lacnic.net>




More information about the NANOG mailing list