On Thu, May 5, 2011 at 4:21 AM, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
On 05/05/2011 08:45, Jim Reid wrote:
On 4 May 2011, at 17:24, Brian Nisbet wrote:
You seem to be imagining a scenario where a national government would just ring up the NCC and say, "revoke these certs." I have seen no evidence to suggest this risk is anything close to real.
I suppose this depends on the definition of "real" and "evidence", Brian.
If the NCC gets told to revoke a cert -- e.g. via a Dutch court order or equivalent -- it will have to do that. It would be sensible to assume that well-funded and/or litigious organisations might well be minded to pursue that avenue if they think getting a cert revoked will either disrupt or shut down some activities they dislike. Or bury their opponents in legal costs before it gets to the point where a court order gets issued. Certificates for routing will provide another vector for these sorts of layer-9 and up attacks. IMO it's foolish to assume or pretend otherwise.
My point was not that the cert could not be revoked (although Sander's follow-up post would suggest that might be the case), rather that it would be a long and difficult process. Certainly far, far more difficult than a government picking up the phone and saying "We are in a state of national emergency/rebellion/worried our citizens are learning things, shut down the Internet now."
Simply by having the possibility to revoke certifications or db entries, the RIPE NCC invites gunned madmen, be they from governments or not, to enter their offices and make them make certain unwanted sites/prefixes on the internet disappear. I'd prefer if there was no reason for them to attempt this, since there would be no technical way to do it. Why is revocation of assigned addresses in this manner necessary?
Kind Regards,
Martin