Multiple signatures to create a reference to an irt object
- Previous message (by thread): Minutes from RIPE-41
- Next message (by thread): Multiple signatures to create a reference to an irt object
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alexander Gall
gall at switch.ch
Wed Apr 17 16:51:57 CEST 2002
Hello I've been playing around with PGP authentication and irt objects in the test database and ran into the following problem. The relevant objects are mntner: SWITCH-MNT irt: IRT-SWITCH inetnum: 130.59.0.0 - 130.59.255.255 key-cert: PGPKEY-C3BA4795 key-cert: PGPKEY-82146071 They are all protected by SWITCH-MNT, which has a single auth attribute pointing to PGPKEY-C3BA4795. Updates signed with this key work fine. IRT-SWITCH has the attribute auth: PGPKEY-82146071. What I would like to do is to add mnt-irt: IRT-SWITCH to the inetnum object. If I understood correctly, I have to sign that update with two keys: with key C3BA4795 because the inetnum is protected by SWITCH-MNT and with 82146071 because a new reference to an irt object needs to be signed by the key referenced in the irt's auth attribute. The question is, which MIME message sent to test-dbm at ripe.net does this for me? My interpretation of the (rather brief) section "3.3.2 PGP support" in the handbook is that I need to create a MIME message with nested signatures. So, I created such a beast by hand because my mailer can't do that (see first attachment). Apparently, the robot checks the outer signature but does not recognize the inner multipart/signed content-type (see second attachment). Unless my MIME encoding is wrong (which may well be the case :-) I must have misunderstood the mechanism. Any help is appreciated. -- Alex ___________ SWITCH - The Swiss Academic and Research Network ___________ Alexander Gall, SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland gall at switch.ch Tel: +41 1 268 1522 Fax: +41 1 268 1568 -------------- next part -------------- An embedded message was scrubbed... From: Alexander Gall <gall at switch.ch> Subject: Date: Wed, 17 Apr 2002 16:11:32 +0200 Size: 1929 URL: <https://lists.ripe.net/ripe/mail/archives/db-wg/attachments/20020417/3d51c22d/attachment.mht> -------------- next part -------------- An embedded message was scrubbed... From: RIPE TEST Database Management <ripe-dbm at ripe.net> Subject: FAILED: Date: Wed, 17 Apr 2002 16:11:48 +0200 (MET DST) Size: 3001 URL: <https://lists.ripe.net/ripe/mail/archives/db-wg/attachments/20020417/3d51c22d/attachment-0001.mht>
- Previous message (by thread): Minutes from RIPE-41
- Next message (by thread): Multiple signatures to create a reference to an irt object
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]