Gert Doering wrote: [...]
... and that would be a hierarchical attestation following the allocation/assignment hierarchy.
An attempt to KISS: What we (at least some of us) want to avoid is a single-point-of-failure. Looking back in history, I can remember discussions to find ways around the (then perceived) SPoF of ICANN + US.fed.law, regarding management of the DNS Root. What some of us pondered was to get the whole system easily replicated. Thus - how about leveraging the fact that we do have *5* such entities, around the world, both geographically as well as jurisdiction-wise well- distributed. What prevents us from obtaining *more than one* attestation proving proper resource holdership? I'd assume that any single pressure or interst group would then not consider it easy - and thus useful - to try to cripple all of those valid copies at the same time.
(Of course, my friends would know that I'm to be trusted, and could point a local trust anchor my way, but how would a network on the other end of the world know that?)
Gert Doering
Wilfried.