-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
It is also important to note that, the general trend among the other Regional Internet Registries (RIRs) is the use of X.509 as a main authentication method.
when you say that the trend among the other RIRs is to go for X.509 certificates, could you please elaborate on what they are doing and how far they are?
Best regards,
- - kurtis -
Hi all,
In APNIC we use X.509 certificate to secure MyAPNIC (similar to LIR Portal). Having X.509 auth in the whois db would make a better integration with this facility.
Is this then being widely used? No issues with client support and configurations?
We have also been closely monitoring IETF's PKIX working group where there's an effort to certify ASN and internet addresses to protect routing announcements. This might eventually affect how the public will use the internet routing registry, which is also part or our whois database.
We expect X.509 will be used to make certified statements about resource allocation as part of S-BGP or SO-BGP and/or wider requirements for authoritative statements on resources
I am not following the PKIX WG. Do you have any links to information on this, or how this is planned to be implemented? Best regards, - - kurtis - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBPxEc86arNKXTPFCVEQJ6RgCfT1H27hyWfZ2c3QYjuHY0QE5E48kAoJ1j AFFT7gAO1mxCPUQwj8fJnzSZ =4tDj -----END PGP SIGNATURE-----