North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)
On Wed, 23 Nov 2005 16:39:11 -1000 Randy Bush <[email protected]> wrote: > >> [0] - i'll want the business cert to have the ca bit if i am > >> large enough to have internal authorization process, and > >> thus want to create and manage different certs for dns, > >> billing, ... > > > > We are discussing how we can do subsidiary certificate services like > > this in APNIC but I think this goes outside of routing policy and > > into registry business practices which are unlikely to be common > > for all RIR and NIR in the ways that resource certificates *have* > > to be. > > if it is not common across registries, and if my certs do not > work across registries, then something is very very broken, > and a major pita at the isps', aka your members', expense. > > randy If you want to see member-certificates which gate access to RIR/NIR specific services common across all registries, I think you want to get that onto an RIR meeting agenda Randy. We currently have no cross-certification activity in member identity. cheers -George
|