North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: SSL for IRR queries?
- From: Jake Khuon
- Date: Fri Jan 11 15:51:45 2002
### On Fri, 11 Jan 2002 14:45:35 -0500 (EST), Tony Tauber
### <email@example.com> casually decided to expound upon firstname.lastname@example.org
### the following thoughts about "SSL for IRR queries?":
TT> If there's a desire to trust information garnered
TT> from the Internet Routing Registry (eg. RADB, RIPE),
TT> it would seem that one would like a way to verify
TT> the server responding to queries.
There is implimentation work being done for rps-auth (RFC2725) by RIPE,
Merit and others I believe. This should ensure authenticated integrity of
the data. If it's query-time man-in-the-middle type attacks one is worried
about then an implimentation of rps-dist (RFC2769) addresses that issue
which I believe is being done by RIPE, Merit and others as well. I had
heard it was moved to a lower priority than implimenting rps-auth however.
Perhaps someone from the RIPE db-wg could comment.
/*===================[ Jake Khuon <khuon@NEEBU.Net> ]======================+
| Packet Plumber, Network Engineers /| / [~ [~ |) | | --------------- |
| for Effective Bandwidth Utilisation / |/ [_ [_ |) |_| N E T W O R K S |