On 04/05/2011 16:57, Sascha Luck wrote:
On Wed, May 04, 2011 at 05:50:06PM +0200, Erik Bais wrote:
It's not that RIPE NCC is owned by a government or that ROA's or certificates are something that the Dutch government could seize or that an evil government would/could do so (under Dutch law), in order to shutdown the internet or an ISP.. There are far better (more effective) ways of doing so, if you remember what happened in Egypt / Libya etc.. Power down datacenter (y/n) ...
The egyptian ex-government had to ring each SP and tell them to pull their advertisements. At least one of whom (for a while) appears to have told them to go shite.
Having a central authority (especially one that's beholden to 20+ governments via the EU) makes that *much* easier.
I really don't think it does. You seem to be imagining a scenario where a national governement would just ring up the NCC and say, "revoke these certs." I have seen no evidence to suggest this risk is anything close to real. I suspect that a for profit global megacorp running such a certification system would be far more vulnerable to such measures, but even then, I don't see this as a large risk. Brian.