[86972] in North American Network Operators' Group
Re: BGP Security and PKI Hierarchies
daemon@ATHENA.MIT.EDU (Florian Weimer)
Sat Nov 26 18:22:03 2005
From: Florian Weimer <fw@deneb.enyo.de>
To: Valdis.Kletnieks@vt.edu
Cc: nanog@nanog.org
Date: Sun, 27 Nov 2005 00:21:32 +0100
In-Reply-To: <200511260740.jAQ7evJ2010964@turing-police.cc.vt.edu> (Valdis
Kletnieks's message of "Sat, 26 Nov 2005 02:40:56 -0500")
Errors-To: owner-nanog@merit.edu
* Valdis Kletnieks:
> On Thu, 24 Nov 2005 20:26:56 +0100, Florian Weimer said:
>
>> Wouldn't this provide significant economic incentive towards gaining a
>> high value on this metric? I'm not sure if this a good idea because
>> even if you call it a "trust metric", it does not have to correspond
>> to ethical behavior.
>
> Wrong concept of "trust". There exist vendors that I *expect* will
> treat me in an unethical way, while being totally open as to their
> identity.
But ensuring identity is a good measure of trust, either. Identity
only matters if you want to do something to the perpetrator in the
real world. This seems to be the rare exception, not the norm. I
expect people just to tweak their filters and move on.
(It would be more interesting if each real-world entity could only
have one digital entity, but this is impossible to achieve, especially
in context of IP routing.)
