North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: BGP certificate insanity was: (DHS insanity - offtopic)
> How can anybody be sure that the random peering tech they are > talking > to really works for the organisation listed in the whois record? By > visual inspection of the e-mail address? Do people really talk to random peering techs? I thought that peering contacts were all set up via face-to-face meetings. In any case, if it is email authentication that you are after, putting certificates in your router will not help you. Also, normal business practices can be very useful to establish the identity of people. For instance, call the company where said peering tech works, and ask for their extension. If you can't reach them by phone, then tell them that you need to discuss the matter with their boss. Everybody has a boss and should be willing to identify the boss by name. Then phone the company and ask for the boss by name. If there is still no luck, then you know that your leg is being pulled. > A faxed LOA on company > letterhead? A lot of people do require LOAs on company letterhead to begin peering but I'm not sure faxed documents are good enough. In addition, a lot of companies define the contact points in the peering agreeements so you know who is who at the other side and how to reach them (direct dial phone numbers). There is also INOC-DBA where somebody else has done some level of authentication of people at your peers. In other words, there are lots of reasonable ways to solve this problem without having to put the complexity and load of crypto on your routers. The advantage of applying reasonable processes to the problem is that any reasonably intelligent person in your business can verify that the process works. Once you go to crypto, it all becomes a mysterious blackbox that nobody in your company can verify. You just have to trust it all because somebody, somewhere, says that it should be trusted. There just isn't enough security expertise to go around for every company to examine the whole thing to be sure that it really is as secure as it claims to be. There is a long history of crypto technology being applied to problems and then being discovered to be faulty in some way. Trust was misplaced. People trusted untrustworthy systems just because it had the magic air of crypto about it. Quite frankly, the Internet is too important to trust critical infrastructure to magic crypto systems. There are other, better ways to solve these problems, that do not introduce single points of failure into the system. --Michael Dillon P.S. when I said "system" above, I was using the term in the sense that C.W. Churchman did when he wrote his book, "The Systems Approach".