[ppml] 2007-1, was Re: mail auth proposals

Edward Lewis Ed.Lewis at neustar.biz
Tue Apr 10 14:51:19 EDT 2007


At 6:40 -1000 4/10/07, Randy Bush wrote:

>>  ARIN shall accept PGP-signed communications, validate that a
>>  chain of trust not longer than five steps exists between the
>>  signing key and the ARIN host master role key...
>this is not wise.  with pgp, i would not trust anything more than
>one hop from the key on file with the contract.  pgp is not x.509.

I want to add a "I noticed this too and disagree" with the quip 
highlighted by Randy.  It was in the back of my mind when 
"questioning" PGP but I didn't think to include it explicitly.

Meaning - X.509 is clear; ARIN can fix/cement the certs so that it is 
both the issuer and the relying party hence put "trust" into the 
binding of the key to the POC and the message (via signature) to the 
POC.  With PGP you have to either be willing to trust "introducers" 
or else restrict our trust to only those with whom you directly 
signed their keys.

X.509 and PGP both can bind a key to an entity but they trust 
architecture is different.  X.509 is hierarchical, PGP is not. 
Neither is better than the other, neither is worse than the other, 
but they are different.  I am for ARIN making PGP available only if 
it is implemented in a way that ARIN has "control" of the trust 
arrangement as far as they "control" anything else.  (By that I mean, 
via example - ARIN can delegate DNS to someone and has a policy for 
lame delegations.  If that someone then delegates elsewhere, it is 
beyond ARIN's control and the lame delegation policy doesn't cover 

Edward Lewis                                                +1-571-434-5468

Sarcasm doesn't scale.

More information about the ARIN-PPML mailing list