I figured that Certificate Transparency should provide a minor half of solution to the openness, but couldn't find any CT attempts in the RFC series 6480-6495, 8210 and 8360, especially in 6488 there's no SCT list extension in the template. So the hope lies on "an insider" who publishes issuance track and SLURMs config track. Looks like Cloudflare is doing this: https://ct.cloudflare.com/logs/cirrus but without individual log entries.
On A2020/05/25 PM0:06, Bryan Fields via 44Net wrote:
On 5/24/20 11:26 PM, Scott Nicholas via 44Net wrote:
I think we could run our own RPKI but the ARIN won't sign us. Therefore we would just have to publish our trust anchor for others to include in their validators if they must use it..
I would be interested in doing this. I had a pretty long talk about it at a hotel bar about this very thing last year. It wouldn't be that hard IMHO.
This does beg the question, is ARDC trustworthy/open enough to be the anchor of this?