Multiple signatures to create a reference to an irt object
- Previous message (by thread): Multiple signatures to create a reference to an irt object
- Next message (by thread): Multiple signatures to create a reference to an irt object
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alexander Gall
gall at switch.ch
Wed Apr 24 19:28:31 CEST 2002
Hello Wilfried > >So far, the response to my query has been, well, nil :-( Maybe I'm asking > >this question on the wrong list? This must have been tested before... > > > >Cheers, > >Alex > > Well, I guess the answers are: > NO (wrong list) and > WELL... (tested for all situations) > > Do you want it on the WG agenda for next week? If it's supposed to work the way I tried but doesn't, I guess so. -- Alex > Wilfried. > > ___________ SWITCH - The Swiss Academic and Research Network ___________ > Alexander Gall, SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland > gall at switch.ch Tel: +41 1 268 1522 Fax: +41 1 268 1568 > > > > > Hello > > > > I've been playing around with PGP authentication and irt objects in the > > test database and ran into the following problem. > > > > The relevant objects are > > > > mntner: SWITCH-MNT > > irt: IRT-SWITCH > > inetnum: 130.59.0.0 - 130.59.255.255 > > key-cert: PGPKEY-C3BA4795 > > key-cert: PGPKEY-82146071 > > > > They are all protected by SWITCH-MNT, which has a single auth attribute > > pointing to PGPKEY-C3BA4795. Updates signed with this key work fine. > > > > IRT-SWITCH has the attribute auth: PGPKEY-82146071. > > > > What I would like to do is to add mnt-irt: IRT-SWITCH to the inetnum > > object. If I understood correctly, I have to sign that update with two keys: > > with key C3BA4795 because the inetnum is protected by SWITCH-MNT and with > > 82146071 because a new reference to an irt object needs to be signed by > > the key referenced in the irt's auth attribute. > > > > The question is, which MIME message sent to test-dbm at ripe.net > > does this for me? > > > > My interpretation of the (rather brief) section "3.3.2 PGP support" in the > > handbook is that I need to create a MIME message with nested signatures. > > So, I created such a beast by hand because my mailer can't do that (see > > first attachment). Apparently, the robot checks the outer signature but > > does not recognize the inner multipart/signed content-type (see second > > attachment). > > > > Unless my MIME encoding is wrong (which may well be the case :-) I must > > have misunderstood the mechanism. > > > > Any help is appreciated. > > -- > > Alex > > ___________ SWITCH - The Swiss Academic and Research Network ___________ > > Alexander Gall, SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland > > gall at switch.ch Tel: +41 1 268 1522 Fax: +41 1 268 1568 > > -------------------------------------------------------------------------------- >
- Previous message (by thread): Multiple signatures to create a reference to an irt object
- Next message (by thread): Multiple signatures to create a reference to an irt object
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]