[ppml] 2007-1, was Re: mail auth proposals
Ed.Lewis at neustar.biz
Tue Apr 10 14:51:19 EDT 2007
At 6:40 -1000 4/10/07, Randy Bush wrote:
>> ARIN shall accept PGP-signed communications, validate that a
>> chain of trust not longer than five steps exists between the
>> signing key and the ARIN host master role key...
>this is not wise. with pgp, i would not trust anything more than
>one hop from the key on file with the contract. pgp is not x.509.
I want to add a "I noticed this too and disagree" with the quip
highlighted by Randy. It was in the back of my mind when
"questioning" PGP but I didn't think to include it explicitly.
Meaning - X.509 is clear; ARIN can fix/cement the certs so that it is
both the issuer and the relying party hence put "trust" into the
binding of the key to the POC and the message (via signature) to the
POC. With PGP you have to either be willing to trust "introducers"
or else restrict our trust to only those with whom you directly
signed their keys.
X.509 and PGP both can bind a key to an entity but they trust
architecture is different. X.509 is hierarchical, PGP is not.
Neither is better than the other, neither is worse than the other,
but they are different. I am for ARIN making PGP available only if
it is implemented in a way that ARIN has "control" of the trust
arrangement as far as they "control" anything else. (By that I mean,
via example - ARIN can delegate DNS to someone and has a policy for
lame delegations. If that someone then delegates elsewhere, it is
beyond ARIN's control and the lame delegation policy doesn't cover
Edward Lewis +1-571-434-5468
Sarcasm doesn't scale.
More information about the ARIN-PPML