[ppml] Verifying the title to an IP address block
Christopher Morrow
christopher.morrow at gmail.com
Tue Jul 24 11:22:23 EDT 2007
On 7/24/07, Owen DeLong <owen at delong.com> wrote:
>
> 1. IANA signs all delegations with a well-known key
> in a way that strongly identifies the recipient.
>
> 2. Each RIR would sign its allocations/assignments in
> a way that strongly identifies the direct recipient.
>
> 3. This chain would continue until finally the end-user
> was identified.
>
> 4. A mechanism should be built to enable DNS RRs
> to reflect IP/ASN tuples signed by both the Address
> and the ASN holders, reflecting the chain of
> authority for each.
i agree with all of the above save #4... Only because I don't see it
being feasible in a 'light weight manner' (from the ops perspective)
in the short term and because it seems bolted onto the side of the
larger initial goal which was some cert-chain down to the
end-delegation. I believe Sandy Miller had some slide-ware on this
very thing actually?
-Chris
More information about the ARIN-PPML
mailing list