[ppml] mail auth proposals, was Re: the "other"...
Ed.Lewis at neustar.biz
Mon Apr 9 11:57:31 EDT 2007
At 8:37 -0700 4/9/07, Bill Woodcock wrote:
>I think that's one of the benefits of PGP: no direct relationship is
>needed between ARIN and the POC. If the POC has a key, and the key has
>been signed within a certain number of steps, you're good to go. The
>X.509 implementation required that the POC and ARIN enter into a
>heavy-weight contractual relationship. I think the numbers speak for
>themselves, on the success of that experiment.
I'm asking about "that experiment" - is that just a turn of a phrase
or was something run?
Last time I asked about the adoption of X.509 within ARIN the answer
was "not very much, maybe a handful." But I thought that ARIN has
it's own CA service.
My impression of PGP is that "it's okay between friends" and my
professional experience with it was limited to the days that a
long-ago employer (I think the name at the time was Network
Associates or McAfee) bought the technology from Phil Zimmerman and
found that it wasn't commercially viable despite having a workable
I am not trying to raise a debate over the technology, I mean to give
my impressions as the view of someone in the audience. I am looking
to fill in the background on the policy proposals and the "need
for"/"viability of" them.
(And debating whether email templates should be used at all is out of
scope in the discussion of the proposals at hand.)
Did ARIN (staff) also do a PGP option?
Edward Lewis +1-571-434-5468
Sarcasm doesn't scale.
More information about the ARIN-PPML