Re: question about Mark Koster's ARIN presentation

From: Randy Bush (no email)
Date: Thu Jun 25 2009 - 18:33:39 EDT

  • Next message: Ric Moseley: "softlayer: ipv6 netfow tools"

    > The current effort will only allow for ipv6 objects
    > (route6/inet6num).

    s/allow for/add support for/

    i hope

    > We are using the same code that RIPE is using at http://certtest.ripe.net.
    > RIPE has been very kind to allow us to use their code. As for ARIN,
    > this is a pilot and is certainly not a final fixed-feature set. The
    > first go of this is the "hosted" solution where an ISP can come into
    > ARIN's pilot and create ROAs based off of allocations that they
    > have received from ARIN.
    >
    > All the ROAs will be placed into a rsync repository that can be retrieved
    > and validated. Specifically, here are the features that are a part of the
    > system:
    >
    > * Enables ARIN resource holders to request certificates for their IPv4 and
    > IPv6 Provider Aggregatable (PA) resources
    > * Enables ARIN resource holders to manage Route Origin Authorizations (ROAs)
    > for their PA address space
    > * Provides a public repository of certificates and ROAs
    > * Handles key rollovers and revocations

    the simple version of the question: who holds my private key(s)?

    the longer version: does this implement my having my own subsidiary CA
    with it communiciating with ARIN's and RIPE's ... using the protocols of
    the ietf sidr work?

    randy


  • Next message: Ric Moseley: "softlayer: ipv6 netfow tools"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD