[ppml] Policy Proposal 2007-1 - Last Call

michael.dillon at bt.com michael.dillon at bt.com
Thu Apr 26 09:30:07 EDT 2007

> if the trust chain is allowed at all, this proposal should 
> die immediately.
> just because i signed that i believe that the holder of the 
> private key for
> pgp id 0x8972C7C1 is the human we know as paul vixie does not 
> mean i give
> him one iota of authority over my data or any other 
> relationship with arin.

I think you don't really understand how PGP-auth is supposed to work.
ARIN will only use PGP to authenticate the communication transaction.
This means that the chain of trust will only be used to authenticate
that the PGP key used in the transaction is a valid PGP key for ARIN
purposes. Any PGP key signed directly by ARIN is valid. Any PGP key
signed by somebody whose key is signed directly by ARIN is also valid
because ARIN will accept a chain of trust that is 5 steps away from
ARIN. So by signing Paul's key you are giving him FULL AUTHORITY over
his own data, not yours.

If you sign keys with ARIN then ARIN will trust that any keys that you
sign are authentic keys. You are not delegating any authority via the
chain of trust, because it is a chain of *TRUST* not a chain of
delegation. The only key that is valid for modifying your data is your
own key.

But, if you sign another person's key(person X), and person X has an
ARIN contact record and person X tells ARIN their PGP key, then ARIN
will trust that this is really person X because ARIN trusts you and you
trust person X. In the absence of this chain of trust, person X would
have to arrange a face to face meeting with an ARIN keyholder in order
to have their PGP key signed by ARIN.

Thank God we didn't try to put any of this stuff in the policy. It
already has far too many unneccessary technical details and it is
obvious that not all of the people who are involved in policymaking do
not have a good grasp of security technology.

It is unfortunate that we used the term "chain of trust" in the policy
because googling for "PGP web-of-trust" leads to numerous explanations
of this concept.

--Michael Dillon

More information about the ARIN-PPML mailing list