Re Shane, WG, just a quick reminder and followup to my short talk with Shane during RIPE48 regarding the closed action item on adding a reverse lookup feature for key-cert objects. You might want to have a look at agenda item ``I: Key Certificates to person role'', http://www.ripe.net/ripe/wg/db/minutes/ripe-44.html. My original idea was to change irt: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [ ] ... and mntner: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [ ] ... to irt: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [inverse key] ... and mntner: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [inverse key] ... and block inverse queries for CRYPT-PW and MD5-PW, allowing PGPKEY (and other possible future strong encrytion schemes) to be inversely queried. Than I could find all references to my key-cert object, and update those references in case I wish to delete a key-cert object (e.g. in case the key has been compromised). As far as I see, this has not yet been implemented, but is, according to Shane, a rather easy to add feature. -- Ulf Kieber email: kieber@gatel.net Sr. Network Engineer voice: +49-69-299896-21 Global Access Telecommunications, Inc. fax : +49-69-299896-40 internet solutions for business www : www.gatel.net