Re Shane, WG, just a quick reminder and followup to my short talk with Shane during RIPE48 regarding the closed action item on adding a reverse lookup feature for key-cert objects. You might want to have a look at agenda item ``I: Key Certificates to person role'', http://www.ripe.net/ripe/wg/db/minutes/ripe-44.html. My original idea was to change irt: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [ ] ... and mntner: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [ ] ... to irt: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [inverse key] ... and mntner: [mandatory] [single] [primary/look-up key] ... auth: [mandatory] [multiple] [inverse key] ... and block inverse queries for CRYPT-PW and MD5-PW, allowing PGPKEY (and other possible future strong encrytion schemes) to be inversely queried. Than I could find all references to my key-cert object, and update those references in case I wish to delete a key-cert object (e.g. in case the key has been compromised). As far as I see, this has not yet been implemented, but is, according to Shane, a rather easy to add feature. -- Ulf Kieber email: kieber@gatel.net Sr. Network Engineer voice: +49-69-299896-21 Global Access Telecommunications, Inc. fax : +49-69-299896-40 internet solutions for business www : www.gatel.net
Ulf Kieber wrote:
Re Shane, WG,
just a quick reminder and followup to my short talk with Shane during RIPE48 regarding the closed action item on adding a reverse lookup feature for key-cert objects.
<snip/>
As far as I see, this has not yet been implemented, but is, according to Shane, a rather easy to add feature.
Yes, sorry about that. There was some confusion on my side about the action point. :( We'll make this change shortly and send a message to this mailing list when done. -- Shane Kerr RIPE NCC
participants (2)
-
kieber@gatel.net -
Shane Kerr