[ppml] 2007-1, was Re: mail auth proposals
michael.dillon at bt.com
michael.dillon at bt.com
Tue Apr 10 19:19:32 EDT 2007
- Previous message: [ppml] 2007-1, was Re: mail auth proposals
- Next message: [ppml] 2007-1, was Re: mail auth proposals
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> I believe that is too long and opens for security holes when ARIN does > not know for sure if it can trust persons in between. I think > ARIN should > accept maximum 2-step PGP chain but have special system where > ARIN will > sign key for any contact it previously authenticated by either PGP or > S/MIME (maybe use different key for that if person is not > authenticated > in person). I don't think it's too long and I don't think it's too short. I don't think that 5 steps is right either and I don't think that details like this belong in policy. I do think that ARIN should consult a recognized security expert for advice on this. Someone with the stature of Steve Bellovin or Bruce Schneier for instance or someone who has credentials from IETF security-related working groups. 99% or more of the people on this list, including me, are not qualified to give expert opinions on this even if we have implemented security systems in the past. --Michael Dillon
- Previous message: [ppml] 2007-1, was Re: mail auth proposals
- Next message: [ppml] 2007-1, was Re: mail auth proposals
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the PPML mailing list