This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[address-policy-wg] 2006-05 New Policy Proposal (PI Assignment Size)
- Previous message (by thread): [address-policy-wg] 2006-05 New Policy Proposal (PI Assignment Size)
- Next message (by thread): [address-policy-wg] 2006-05 New Policy Proposal (PI Assignment Size)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Mon Sep 25 18:43:40 CEST 2006
>> if we are lucky, this time next year, you will be able to verify an X.509 >> certificate chain with rfc 3779 resource extensions, and have significant >> confidence in rights to address and asn resources. > > As I can understand, I can verify origin of prefix, prefix itself, but > it can't authorize is that certain as-path legitimate or not. Like I can > figure it out from routing registry DB. Isn't it? the current work will provide a formally verifiable demonstration of ownership of address space. to achieve your goal _formally_ will require something like sbgp. the irr is an informal way to kinda achieve what you want. and we use it today. one first useful step for an isp is to use the x.509 data to verify ownership assertions in the irr when building filter lists, for example. randy
- Previous message (by thread): [address-policy-wg] 2006-05 New Policy Proposal (PI Assignment Size)
- Next message (by thread): [address-policy-wg] 2006-05 New Policy Proposal (PI Assignment Size)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]