ARIN-PPML Message

[ppml] Policy Proposal: Reinstatement of PGP Authentication Method

In a message written on Tue, Oct 24, 2006 at 02:37:29PM -0700, Bill Woodcock wrote:
>            There isn't a lot of work to do here, and certainly nothing
>            tricky. The hostmaster key has existed since InterNIC days, and
>            ARIN staff have verified that the key and passphrase are still
>            known and working fine. This is simple code, which all the

I support this policy, however I have a minor issue with the text
above that goes with it.  Internet != ARIN.  Since a key isn't
referenced by Key ID or Fingerprint it's impossible to tell for
sure which key is being referenced, however I assume the author
intends for ARIN to continue using the original InterNIC key.  Since
ARIN is not InterNIC, I don't think it would be appropriate for
them to use the InterNIC hostmaster key, even if they now have the
private key and passphrase.

ARIN should have an ARIN key, properly cross signed by other RIR's
and various other entities as suggested and use it to sign ARIN
published material.  This will allow cryptographic proof of things
that came from InterNIC, and things that came from ARIN.

Also, while I don't know which key is specifically being referenced,
I suspect a key from the InterNIC time frame may not meet current
standards for algorithm or key length.

-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.arin.net/pipermail/arin-ppml/attachments/20061024/6db31442/attachment.bin>