About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database

  • To: Patrik Fältström < >
  • From: Randy Bush < >
  • Date: Wed, 16 Jul 2003 16:28:50 +0200
> What I now heard was that the ssl connections will be strengthened by 
> adding client side certificates which can be used for authentication. 
> This might of course rise questions about the use of third-party-CA for 
> the certificates, but this is (as clarified in this mail below) 
> resolved by having the RIR being an CA by itself.

so i am supposed to install the RIRs' certs in my browser as root
CAs and ignore the big hole for attack this opens?  i already
*remove* a bunch of root CAs when i bring up a new browser.  this
is the new internet.  get paranoid.

let the RIRs spend a few of the bucks they have getting their certs
signed by a well-trusted root CA.

randy
  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | Copyright Statement
RIPE.NET Homepage LIR Portal RIPE Community