Andy, as I seen this process - one have tried to design this tool with secure BGP in mind, second one thought about Certificates as a tool to protect current address management system (aka RIRs), third group - as you - think about it as a tool to protect your resource and make routing for himself more safe. In general all three think about safe routing - but each one has his own special requirements and goals - what is really important for him personally. And practically only today we began public discussion - is it the same for all of us? Can we satisfy all needs by one design? This policy is as a some kind of test for me - can we find a common compromise? Dima On 10.05.2011 16:57, Andy Davidson wrote:
On 3 May 2011, at 12:31, Malcolm Hutty wrote:
[2] For example, could we creates "webs of trust" rather than a single hierarchy? Would that be "good enough" or is a hierarchy essential? I am strongly in favour of resource certification, but appeared (until RIPE62) to be labouring under the misapprehension that this web (rather than hierarchy) system was the thing that we are building. Thank you for raising the point, Malcolm.
The Utopia, for me, is that a certificate would be valid if the NCC, *or* ARIN, *or* APNIC, *or* ..., *or* MOON-NIC, *or* Certs Inc, *or* Randy, or even my private CA had signed it, because no single regulator in any jurisdiction would be able to revoke my certificate and prevent routing. I get the benefits of automation, and the benefits of certification, without having to carry the risk of an 'internet off' switch. Is it too late for this ? Please say not.
Andy