[128261] in North American Network Operators' Group
Re: Web expert on his 'catastrophe' key for the internet
daemon@ATHENA.MIT.EDU (Jorge Amodio)
Wed Jul 28 15:21:00 2010
In-Reply-To: <15502.1280343347@localhost>
Date: Wed, 28 Jul 2010 14:20:51 -0500
From: Jorge Amodio <jmamodio@gmail.com>
To: Valdis.Kletnieks@vt.edu
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> Obviously you have approximately zero understanding of the crypto communi=
ty.
> They tend to be the most paranoid people out there - and the *only* way t=
o get
> acceptance of a signed root was to make sure that ICANN is *not* in poses=
sion
> of enough keying material to sign a key by itself. =A0In addition, the ow=
ners of
> keys need to be publicly known, to avoid allegations of "ICANN and a bunc=
h
> of unnamed people not associated with them. Honest - trust us".
Also, these famous guys selected as part of the TCR group where the
number is not actually seven, don't even have enough material to sign
anything by themselves.
The RKSH or Recovery Key Share Holder just holds in a tamper evident
bag, a smart card with part of the key used to encrypt the backup
copies of the HSM (Hardware Security Module).
I'd love to see how they can "restart the world wide web" with that ...
Cheers
Jorge
