[dns-operations] Interim Trust Anchor Repository

Florian Weimer fweimer at bfk.de
Wed Feb 25 14:29:04 UTC 2009

* Stephane Bortzmeyer:

> On Tue, Feb 24, 2009 at 12:42:00PM +0100,
>  Jaap Akkerhuis <jaap at NLnetLabs.nl> wrote 
>  a message of 18 lines which said:
>> Try a different server:
> Thanks, this works:
> % gpg --keyserver minsky.surfnet.nl --recv-key 81D464F4
> % gpg  ~/tmp/ITAR/anchors.mf.sig
> But how to validate since the PGP key is not signed by third parties?

But would a third party signature imply that the key is authorized to
sign the ITAR (or that it's okay to use the signed data)?

The OpenPGP signature still has value, to confirm that you got the
current version from the same folks who made the previous versions.
But the web of trust offers little additional help beyond that.

Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

More information about the dns-operations mailing list