On Dec 31, 2013, at 11:06 AM, [AP] NANOG <na...@armoredpackets.com> wrote:
> Then looking at things from the evil side though, if they owned the system > which provides the signing then they could sign > virtually anything they wish. Or if they owned *people* with the right level of access to do so, or if there were implementation bugs which could be utilized to bypass or obviate the signing . . . None of the alleged capabilities described in the purported documents is really standalone; they all rely upon other methods/mechanisms in order to provide the required foundation to accomplish their stated goals. > I think we need to watch and listen/read over the coming weeks and months > before we go assuming we have it figured out. This is the most pertinent and insightful comment made in this thread. ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton
