North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Hijacked IP space.

  • From: Larry J. Blunk
  • Date: Tue Nov 04 11:41:39 2003

On Tue, 2003-11-04 at 10:51, Randy Bush wrote:
> > Those options are not mutually exclusive, and, while I agree that
> > it would be better if the RIR's accepted generic GPG keys along
> > the lines of what RADB does, the X.509 certificate is not a bad
> > first step.  At least it's better than Mail-From or Crypt-PW.
> >>>> Should we, as a community, register with RIR's with PGP.
> >>> Each of the RIRs has either already established, or is in the
> >>> process of establishing, a CA for that purpose.  Please use
> >>> them.
> >> thanks, but i choose to have my peers certify my identity, not the
> >> rirs
> the rirs already accept pgp certs.  and i use them, as do all
> security-conscious registrants.  i was disagreeing with woody's
> pushing x.509 certs to the exclusion of pgp certs.
> randy
> ---

   I would note that the RIPE NCC, while implementing X.509 support,
is moving away from the concept of running their own CA.  Their
X.509 support will be very "PGP-like".   See the following for details -