1 Oct
2010
1 Oct
'10
11:15 a.m.
On Fri, Oct 1, 2010 at 11:12 AM, Jeroen Massar <jeroen@unfix.org> wrote:
On 2010-10-01 17:04, Christopher Morrow wrote: [..]
I think so far the models proposed in SIDR-wg include: o more than one cert tree (trust anchor)
Why not in a similar vain as RBLs: white and black lists.
I'm sure someone will think it's a fine plan to set up a TA and sign down ROA's that indicate 'badness' or 'invalid' or something similar. There's nothing stopping that, similarly today you COULD subscribe to a BGP feed of subnets of actually seen routes rewriting the next-hop to dsc0/Null0/honeypot... I don't think this sort of thing is in the SIDR-wg's charter though... much like RBL's are not in DNS-EXT's charter? -chris