About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database

  • To: Randy Bush < >
  • From: Joao Damas < >
  • Date: Thu, 17 Jul 2003 16:30:40 +0200
On Thursday, Jul 17, 2003, at 13:48 Europe/Amsterdam, Randy Bush wrote:


someone getting at the root CA key at an RIR

There would still be the very similar issue of someone getting at the
certificate that the RIR bought from the third party CA.

no, as that would not be installed in my browser to be absolutely
trusted.
If the certificate that signs other certificates is compromised, the trust in the signed certificates is gone because you won't be able to know if new certificates have been generated by non-legitimate parties.

Joao



  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | Copyright Statement
RIPE.NET Homepage LIR Portal RIPE Community