Re: [DNSOP] Last Call: <draft-ietf-dnsop-obsolete-dlv-00.txt> (Moving DNSSEC Lookaside Validation (DLV) to Historic Status) to Informational RFC


 



> I remember scaring a bunch of people at a NANOG meeting by suggesting
> that we should have an alternate method of establishing trust, and
> that method should be non-hierarchical (or perhaps
> "counter-hierarchical"). I believe I used "DLV-like" to describe it
> and I remember the reactions I got (esp from Randy).  My goal was to
> mitigate risk from anything that might cause the root KSK to become
> bolloxed, like a botched key roll.

you misunderstood me.

dlv had no particular trust model.  i was and remain a web of trust
heretic as far as net ops is concerned.  it's the way operators actually
work.  if you and cat, who i know, trust brielle, i'll trust her, though
not necessarily her friends.

lack of an inter-operator trust model is why slurm is not usable other
than in one's own net.  it is droll that lta-use touches this but got
enough pushback from a sec ad that i have not had the time to educate.

i was also not successful pushing wot in the rpki-based routing security
development cabal.  essentially, the ietf's total focus on the x.509
based pki hierarchy meant wot went for decades with no energy behind
analysis, design, development, etc.; starved from birth.

randy



