About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [ca-tf] Next steps & Write-up of the CA-TF kick-off meeting

  • To: Vasily Dolmatov <
    >
  • From: Leo Vegoda <
    >
  • Date: Thu, 1 Mar 2007 12:34:24 +0800
On Feb 28, 2007, at 7:49 PM, Vasily Dolmatov wrote:

[...]
In brief: There is no way to _ensure_ that certificate was taken by proper
person.
There is crucial difference between "Leo Vegoda with valid passport in hand"
and "someone who connected to the Portal using two text strings, which some
time ago were sent by e-mail to someone who wrote he was Leo Vegoda".
So, certificate generated in the first case can legally represent Leo Vegoda
(provided another lot of conditions were met), certificate generated in the
second case can represent _nothing_ and _noone_. It will be issued and
transferred to _unknown_person_ who happened to posess knowlegde of pair of
text strings in given moment of time. No claims concerning following actions
using this certificate can be considered either legally or logically.
In the past I have been told that the RIRs do not intend to certify identity, only control of the resources. The analogy I was given was that of a bearer bond: if you hold the bond you can cash it in.

[...]

As I can see now, when struggling with threats
- that someone can claim that some operations with resources which were
assigned to him were performed without his knowledge and against his will
and he consider RIPE NCC legally responsible for the consequencies and
possible losses
Isn't this already covered by article 7 of the RIPE NCC's Standard Terms & Conditions?

- that someone can decline responsibility for some evil operations which
were performed from IP-space assigned to him
I'm sure they can always do that, anyway. Isn't it up to the court system to determine facts in an "evil operations" case?

- that there will be resources which assigned to someone with whom there is
no possibility to communicate by RIPE NCC
So the certificate is never issued or expired? I don't understand how this is a threat. Can you expand on it?

I don't understand how the threats you have described are likely to stop the RIPE NCC offering a service where the holder of a certificate (whoever that is) controls the resource. And more importantly, I don't see why not certifying identity should stop the RIPE NCC offering a service that allows the certificate holder to assure other people that they can authorise the use of the resources and the transfer of the resources.

Regards,

--
Leo Vegoda
IANA Numbers Liaison


Post To The List:

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | Copyright Statement
RIPE.NET Homepage LIR Portal RIPE Community