25 May
2020
25 May
'20
12:34 p.m.
I figured that Certificate Transparency should provide a minor half of
solution to the openness, but couldn't find any CT attempts in the RFC
series 6480-6495, 8210 and 8360, especially in 6488 there's no SCT list
extension in the template. So the hope lies on "an insider" who
publishes issuance track and SLURMs config track. Looks like Cloudflare
is doing this: https://ct.cloudflare.com/logs/cirrus but without
individual log entries.
On A2020/05/25 PM0:06, Bryan Fields via 44Net wrote:
On 5/24/20 11:26 PM, Scott Nicholas via 44Net wrote:
I think we could run our own RPKI but the ARIN
won't sign us.
Therefore we would just have to publish our trust anchor for others to
include in their validators if they must use it..
I would be interested in doing
this. I had a pretty long talk about it at a
hotel bar about this very thing last year. It wouldn't be that hard IMHO.
This does beg the question, is ARDC trustworthy/open enough to be the anchor
of this?