[86969] in North American Network Operators' Group
Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)
daemon@ATHENA.MIT.EDU (Kurt Erik Lindqvist)
Fri Nov 25 18:41:39 2005
In-Reply-To: <Pine.GSO.4.58.0511241926290.11042@clifden.donelan.com>
Cc: "Steven M. Bellovin" <smb@cs.columbia.edu>, nanog@nanog.org
From: Kurt Erik Lindqvist <kurtis@kurtis.pp.se>
Date: Fri, 25 Nov 2005 16:48:49 +0100
To: Sean Donelan <sean@donelan.com>
Errors-To: owner-nanog@merit.edu
On 25 nov 2005, at 02.07, Sean Donelan wrote:
> Although techincal folks may think its just about math,
> unfortunately some
> people think certificates and signatures mean more than just
> mathmatical
> formulas. I'm a bit confused why people think network service
> providers
> will be willing to "certify" transitive trust relationships about
> business
> relationships between third-parties.
Given that ISPs even refuse or manipulate their AS objects to hide
real peering or transit details for business reasons, getting them to
sign certificates for these relationships might prove even harder...
- kurtis -
