Adding Jordi to the recipients as he is not a Opsec mailing member AFAIK
-éric
On 21/03/18 17:47, "OPSEC on behalf of Sandra Murphy" <opsec-boun...@ietf.org
on behalf of sa...@tislabs.com> wrote:
These questions were too long to ask the jabber scribe to relay. At the
scribe’s request, I summarized for the meeting, and promised a fuller version.
(Lucky you.) And then question time was scraped. Oh, well.
So here’s the full version.
Questions, then comments
Questions about some parts of the draft:
6.1.2. Multi-signature transactions
the holder of the block of
addresses must trust the owners of the keys participating in the
multi-signature transaction.
Since participants can generate their own keys, does this allow for sybil
attacks - generating new “owners of the keys” in order to make a
multi-signature succeed?
6.1.3. Revocation transaction
accepting the revocation
transaction automatically when issued by the accepted authority
Does this re-introduce a centralized authority into the system?
Comments on certain statements made in the draft, and the relationship to
IP address allocation and use:
“Cannot be assigned to two entities at the same time.”
The use of IP addresses shows shared authority over address space - more
than one entity has authority over IP address space. I’m not sure how that
works in blockchain.
Example: If an ISP holding a /16 sub-delegates a /20 to a customer, it does
not give up the ability to announce the /16.
Example: RIPE tells its members that they are responsible for their entire
allocation, no matter if they have sub-delegated some of it to a customer. And
they carefully instruct their members how to use the authorization features of
the RIPE database to ensure that they retain control over resources they have
sub delegated. And they have recently changed the authorization structure to
make it possible to delete objects for resources that were sub-delegated out of
resources they hold. (Note: I’m not a part of the RIPE NCC. RIPE NCC people
present should speak up.)
“AS domains holding large blocks of IP addresses”
There are many organizations that hold IP addresses but do not hold AS
numbers. There are many organization that hold IP addresses and AS numbers,
but have some other ISP originate announcements for them. So an IP address to
AS number mapping or vice versa is not possible or a fit to the way IP
addresses are used.
“These parties have a reduced incentive in tampering the blockchain because
they would suffer the consequences: an insecure Internet.”
I don’t see that this agrees with experience. The Internet impact is
sometimes deliberate (those who have deliberately impacted the routing of
someone else’s prefix), sometimes a mistake (yesterday’s mis-origination of a
Univ of Iowa’s prefix), and sometimes self-serving (spammers' mis-origination
of prefixes for their own gain)
—Sandy
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec
