[ppml] mail auth proposals, was Re: the "other"...

Randy Bush randy at psg.com
Tue Apr 10 16:26:51 EDT 2007


> this is not wise.  with pgp, i would not trust anything more than
> one hop from the key on file with the contract.  pgp is not x.509.

i recant.  it is worse.  i checked with smb, and he advises as
appended (with permission).  i believe that, unless we do a whole
lot more infrastructure work (to what end?) safe numHops == 0

randy

---

Date: Tue, 10 Apr 2007 16:16:17 -0400
From: "Steven M. Bellovin" <smb at cs.columbia.edu>
To: Randy Bush <randy at psg.com>
Subject: Re: [ppml] mail auth proposals, was Re:  the "other"...

On Tue, 10 Apr 2007 09:45:15 -1000
Randy Bush <randy at psg.com> wrote:

The issue isn't x509 vs PGP; it's the policies and practices of the
intermediate signers.  What's missing from PGP in general -- and from
x509 for this particular purpose -- is a way to say "this delegation is
for ARIN access".  In fact, some would assert that it's a flaw in the
entire model, and that we really need something like spki/sdsi to
express the concept properly.

Put another way, suppose you register your ordinary PGP key with ARIN.
You've signed my key.  Does that authorize me to access your resources?

You need to use a special key, for that only, and only use that to sign
delegatees' keys.  Should they have the right to delegate further?
You're the custodian of the IIJ key, perhaps, and maybe you sign one
key per NOC/hosting center/per-continent customer care site; these in
turn are used to issue keys to the local responsible individuals.  Is
that right?

Neither x509 nor PGP really solves that problem.  The right answer, in
either case, is to associate a policy with the registered key.  It
could be in an ARIN database, it could be in x509 fields, or it could
be in some stylized real-name subfield with PGP.  The simplest such
policy is legal delegation depth below that point.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb
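
An added example, not part of the original thread: a sketch of the policy described above, where a registered key carries a purpose and a legal delegation depth, and only purpose-scoped signatures count as delegation. The registry layout, key names, and the "arin-access" purpose label are assumptions made for illustration, and signatures are modelled as already cryptographically verified.

```python
from collections import deque
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Cert:
    """One signature, assumed already verified (constructed model, no real crypto)."""
    signer: str
    subject: str
    purpose: Optional[str]  # None = ordinary web-of-trust signature, no delegation intent

# Hypothetical registry: registered key -> (purpose, legal delegation depth below it)
REGISTRY = {"org-root": ("arin-access", 2), "strict-root": ("arin-access", 0)}

# Constructed sample signatures
CERTS = [
    Cert("org-root", "noc-tokyo", "arin-access"),
    Cert("noc-tokyo", "alice", "arin-access"),
    Cert("alice", "bob", "arin-access"),        # three hops: deeper than policy allows
    Cert("org-root", "friend", None),           # ordinary identity signature
    Cert("strict-root", "carol", "arin-access"),
]

def delegation_depth(root, key, certs=CERTS, registry=REGISTRY):
    """Return hops from the registered root to key if policy permits, else None."""
    if root not in registry:
        return None
    purpose, max_depth = registry[root]
    seen, queue = {root}, deque([(root, 0)])
    while queue:
        node, depth = queue.popleft()
        if node == key:
            return depth
        if depth == max_depth:
            continue  # policy forbids delegating further below this point
        for c in certs:
            # Follow only signatures that explicitly carry the registered purpose.
            if c.signer == node and c.purpose == purpose and c.subject not in seen:
                seen.add(c.subject)
                queue.append((c.subject, depth + 1))
    return None

def authorized(root, key):
    return delegation_depth(root, key) is not None
```

With a depth of 0 registered for "strict-root", only that key itself is accepted, which is the numHops == 0 case; the unscoped signature on "friend" never confers access at any depth.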



