[96213] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: IP Block 99/8 (DHS insanity - offtopic)

daemon@ATHENA.MIT.EDU (Sandy Murphy)
Mon Apr 23 20:51:21 2007

To: mike@sentex.net, nanog@merit.edu
Cc: sandy@tislabs.com
In-Reply-To: <26919CFC-D20D-4575-A692-0D1B610C021B@ianai.net>
Date: Mon, 23 Apr 2007 17:23:03 -0400 (EDT)
From: sandy@tislabs.com (Sandy Murphy)
Errors-To: owner-nanog@merit.edu


> The question is who would do the signing and revocations. Whoever
> does that would indeed have a great amount of control over the
> internet.  A single government agency should not have that sort of
> power to make a (for lack of better term), "no surf list" of IP
> space...

You might try taking a look at the various presentations at NANOG/RIPE/ARIN/
APNIC/APRICOT about the whole idea.  Central point: the entity that gives
you a suballocation of its own address space signs something that says you
now hold it.

No governments involved.

Here are a few URLs to start you off:

NANOG 36 Feb 2006: What I Want for Eid ul-Fitr, An Operational ISP & RIR PKI  http://www.nanog.org/mtg-0602/pdf/bush.pdf
NANOG 38 Oct 2006: Serious Progress on X.509 Certification of RIR Resource Allocations http://www.nanog.org/mtg-0610/presenter-pdfs/bush.pdf
ARIN XVII April 2006:  X.509 Resource and Routing Certificate Panel http://www.arin.net/meetings/minutes/ARIN_XVII/PDF/monday/x509-huston.pdf   http://www.arin.net/meetings/minutes/ARIN_XVII/PDF/monday/x509-kent.pdf
RIPE 52 Apr 2006: A PKI for IP Address Space and AS Numbers http://www.ripe.net/ripe/meetings/ripe-52/presentations/ripe52-plenary-pki.pdf
RIPE 53 Oct 2006: Using Resource Certificates - A Progress Report on the Trial of Resource Certification  http://www.ripe.net/ripe/meetings/ripe-53/presentations/using_res_certs.pdf
RIPE 51 Oct 2005: APNIC Trial of Certification of IP Addresses and ASes  http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf
APNIC Mar 2006 APNIC resource certification update http://www.apnic.net/meetings/21/docs/sigs/routing/sig-routing-pres-ggm-resource-cert-update.pdf
APRICOT Mar 2006: A PKI to Support Improved Internet Routing Security http://www.apricot2006.net/slides/conf/wednesday/Address%20Space%20PKI%20(APRICOT).pdf


Work ongoing in the IETF SIDR working group:

http://www.ietf.org/html.charters/sidr-charter.html

--Sandy Murphy
home help back first fref pref prev next nref lref last post