Hmmm...
I Don't know why this is happening.
Considering my default set-up on the Gmail interface is defined to use
Normal size.
https://pasteboard.co/JPG2ZoK.png
In fact, I had not even realized that this mail-list forwarded emails in
the exact format they were generated. Usually, they set
>>> you can sign over something which ways "the person identified by the
>>> following public key is to be permitted to ..."
>>
>> you mean the fraudlent attacker who owned that INR seems to have signed
>> this request for a €1.000.000,49 wire transfer to their iban. a person
>> is not identified
On Mon, Feb 22, 2021 at 8:50 PM Randy Bush wrote:
>
> > you can sign over something which ways "the person identified by the
> > following public key is to be permitted to ..."
>
> you mean the fraudlent attacker who owned that INR seems to have signed
> this request for a €1.000.000,49 wire
> you can sign over something which ways "the person identified by the
> following public key is to be permitted to ..."
you mean the fraudlent attacker who owned that INR seems to have signed
this request for a €1.000.000,49 wire transfer to their iban. a person
is not identified by that
> Really, does anyone here think that it is good form to send email with
> font size *SMALL*?
rofl!
randy
---
ra...@psg.com
`gpg --locate-external-keys --auto-key-locate wkd ra...@psg.com`
signatures are back, thanks to dmarc header mangling
Really, does anyone here think that it is good form to send email with font
size *SMALL*?
If your MUA does this by default complain to the developers. The default
should be “medium”.
If the font is too big on your screen change the magnification *you* choose to
display to *yourself*,
don’t
The LOA type model is one of the ones we showed on slideware when we
presented RTA in IETF, and at the CloudFlare RPKI workshop years ago.
The detached signature model inherent in RTA and RSC goes to "you
define the business logic" It's not proscriptive. I saw nothing
proposed here which I
>> What if PeeringDB would be the CA for the Facilities?
>> Supposedly this solves the CA problem of the "Colo Folks".
>
> I think pushing your security identification out (as the notional
> equinix) to a third party where you can't revoke/change/etc is asking
> for dangerous things to happen.
On Mon, Feb 22, 2021 at 2:44 PM Douglas Fischer
wrote:
>
> What if PeeringDB would be the CA for the Facilities?
> Supposedly this solves the CA problem of the "Colo Folks".
>
I think pushing your security identification out (as the notional
equinix) to a third party where you can't
What if PeeringDB would be the CA for the Facilities?
Supposedly this solves the CA problem of the "Colo Folks".
Would PeeringDB be interested in that?
Em seg., 22 de fev. de 2021 às 16:04, Christopher Morrow <
morrowc.li...@gmail.com> escreveu:
> On Mon, Feb 22, 2021 at 1:39 PM Randy Bush
On Mon, Feb 22, 2021 at 2:06 PM Randy Bush wrote:
>
> >> way back, the rirs were very insistant that their use of rpki authority
> >> was most emphatically not to be considered an identity service. this
> >> permeated the design; e.g., organization names were specifically
> >> forbidden in
>> way back, the rirs were very insistant that their use of rpki authority
>> was most emphatically not to be considered an identity service. this
>> permeated the design; e.g., organization names were specifically
>> forbidden in certificate CN, Subject Alternative Name, etc.
>>
>
> yup, I
On Mon, Feb 22, 2021 at 1:39 PM Randy Bush wrote:
>
> > are you asking about something like this:
> > https://datatracker.ietf.org/doc/draft-spaghetti-sidrops-rpki-rsc/
> >
> > Which COULD be used to, as an AS holder:
> > "sign something to be sent between you and the colo and your intended
> are you asking about something like this:
> https://datatracker.ietf.org/doc/draft-spaghetti-sidrops-rpki-rsc/
>
> Which COULD be used to, as an AS holder:
> "sign something to be sent between you and the colo and your intended peer"
>
> that you could sign (with your rpki stuffs) and your
> But it looks like a "crypto sign and publishes" anything related to an
> organization.
that is the problem with this discussion. it does not. it allows one
to show ownership of an AS or prefix. it does not show ownership or
authority over an organization. keep your trust model straight.
Well... I must confess that I had some difficulty on the first
understanding of what is proposed.
But after the 4 reads, I saw that this "spaghetti" thing is more
powerful than I could imagine!
Please correct me if I'm no right:
But it looks like a "crypto sign and publishes" anything related
On Mon, Feb 22, 2021 at 9:19 AM Douglas Fischer
wrote:
>
> I believe that almost everyone in here knows that LOAs for Cross Connects in
> Datacenters and Telecom Rooms can be a pain...
>
> I don't know if I'm suggesting something that already exists.
> Or even if I'm suggesting something that
17 matches
Mail list logo
