Adding Jordi to the recipients as he is not an Opsec mailing member AFAIK

-éric

On 21/03/18 17:47, "OPSEC on behalf of Sandra Murphy" <opsec-boun...@ietf.org on behalf of sa...@tislabs.com> wrote:

These questions were too long to ask the jabber scribe to relay. At the scribe’s request, I summarized for the meeting, and promised a fuller version. (Lucky you.) And then question time was scrapped. Oh, well.

So here’s the full version. Questions, then comments.

Questions about some parts of the draft:

6.1.2. Multi-signature transactions

    the holder of the block of addresses must trust the owners of the keys participating in the multi-signature transaction.

Since participants can generate their own keys, does this allow for sybil attacks - generating new “owners of the keys” in order to make a multi-signature succeed?

6.1.3. Revocation transaction

    accepting the revocation transaction automatically when issued by the accepted authority

Does this re-introduce a centralized authority into the system?

Comments on certain statements made in the draft, and the relationship to IP address allocation and use:

“Cannot be assigned to two entities at the same time.”

The use of IP addresses shows shared authority over address space - more than one entity has authority over IP address space. I’m not sure how that works in blockchain.

Example: If an ISP holding a /16 sub-delegates a /20 to a customer, it does not give up the ability to announce the /16.

Example: RIPE tells its members that they are responsible for their entire allocation, no matter if they have sub-delegated some of it to a customer. And they carefully instruct their members how to use the authorization features of the RIPE database to ensure that they retain control over resources they have sub-delegated. And they have recently changed the authorization structure to make it possible to delete objects for resources that were sub-delegated out of resources they hold. (Note: I’m not a part of the RIPE NCC. RIPE NCC people present should speak up.)

“AS domains holding large blocks of IP addresses”

There are many organizations that hold IP addresses but do not hold AS numbers. There are many organizations that hold IP addresses and AS numbers, but have some other ISP originate announcements for them. So an IP address to AS number mapping or vice versa is not possible or a fit to the way IP addresses are used.

“These parties have a reduced incentive in tampering the blockchain because they would suffer the consequences: an insecure Internet.”

I don’t see that this agrees with experience. The Internet impact is sometimes deliberate (those who have deliberately impacted the routing of someone else’s prefix), sometimes a mistake (yesterday’s mis-origination of a Univ of Iowa’s prefix), and sometimes self-serving (spammers' mis-origination of prefixes for their own gain).

—Sandy

_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec