nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Web expert on his 'catastrophe' key for the internet

From: Jorge Amodio <jmamodio () gmail com>
Date: Wed, 28 Jul 2010 14:20:51 -0500
Obviously you have approximately zero understanding of the crypto community.
They tend to be the most paranoid people out there - and the *only* way to get
acceptance of a signed root was to make sure that ICANN is *not* in posession
of enough keying material to sign a key by itself.  In addition, the owners of
keys need to be publicly known, to avoid allegations of "ICANN and a bunch
of unnamed people not associated with them. Honest - trust us".


Also, these famous guys selected as part of the TCR group where the
number is not actually seven, don't even have enough material to sign
anything by themselves.

The RKSH or Recovery Key Share Holder just holds in a tamper evident
bag, a smart card with part of the key used to encrypt the backup
copies of the HSM (Hardware Security Module).

I'd love to see how they can "restart the world wide web" with that ...

Cheers
Jorge
Previous By Date Next
Previous By Thread Next

Current thread: