> I'm suggesting that A delegates a unique signing key to the RS. the expression we use is, now RS can sign gifs of naked furries in A's name. i.e. A has given away the store. you do NOT let anyone else have your private keys.
for example. in this context, RS can now give that key to Perp who can originate A's prefixes. #fail > This is what "6.6 Proxy Signing" in > draft-sriram-bgpsec-design-choices suggests, is it not ? Or does that > blow the trust model to hell, also ? it does indeed. that is why 6.6 was rejected. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
