[address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] the implications of RPKI certificate revokation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sascha Luck
lists-ripe at c4inet.net
Thu May 5 01:18:51 CEST 2011
On Wed, May 04, 2011 at 05:24:12PM +0100, Brian Nisbet wrote: >I really don't think it does. You seem to be imagining a scenario where >a national governement would just ring up the NCC and say, "revoke these >certs." I have seen no evidence to suggest this risk is anything close >to real. This has already happened, not a week ago the DHS (who else?) seized the domains of various online poker sites. TTBOMK similar has happened in the EU as well. I even seem to remember some organisation calling for RIPE to de-register certain resources. (Possibly the NCC care to enlighten us as to whether anything came of that?) > I suspect that a for profit global megacorp running such a > certification system would be far more vulnerable to such measures, but > even then, I don't see this as a large risk. Absolutely. Wikileaks <> Visa, Mastercard, Paypal, Verisign, &c? I think that is a *very* large risk indeed and I'd never propose to host the central authority for my routing to $private_corp either. Unless there are a lot of them, preferably in a lot of different countries... rgds, Sascha
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] the implications of RPKI certificate revokation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]