Sander, On Mon, May 20, 2013 at 09:52:06PM +0200, Sander Steffann wrote:
- What should be the triggering mechanism for actually moving the RIPE NCC to another country (possibly outside of the EU) ?
Silly things like I described above. I never seriously thought of moving the RIPE NCC to a different country though. The line you quote was meant as hypothetical case.
A realistic solution to this issue is not to have to move the NCC (except in really extreme circumstances), a solution could be to have a distributed trust-root (maybe the other RIRs, maybe trusted 3rd parties or a combination thereof). An operator can then choose to trust some, but not other, roots or accept a majority decision). The important feature is that there is no single point where an attack succeeds. This avoids the fatal flaw that a single trust-root implementation represents and, to an extent, preserves the distributed nature of the DFZ. Indeed, this would remove my *only* point of contention. Kind Regards, Sascha Luck