This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/address-policy-wg@ripe.net/
[address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
- Previous message (by thread): [address-policy-wg] RIPE (NCC) engagement with LEA and government
- Next message (by thread): [address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Roger Jørgensen
rogerj at gmail.com
Thu Jun 2 10:28:19 CEST 2011
I've lately been more and more convinced that the basic idea, technical, is good. But it miss on two quite important points so I can not support it in its current form as stated earlier. However, more comments inline: On Wed, Jun 1, 2011 at 11:49 PM, David Conrad <drc at virtualized.org> wrote: > Sascha, > On Jun 1, 2011, at 11:11 AM, Sascha Luck wrote: <snip> >> Yet, also daily, I read about an attempt by $someone to censor, cut off or >> otherwise regulate somebody else's internet access. > > Not sure about daily, but yes, this is a problem. I have absolutely no doubt > that if a tool exists that allows politicians to claim they're doing something > to solve "a problem", they'll use it. I am quite sure this is one of the bigger issue with this policy. How can it be made clear for everyone that this is not a tool for that area? It should not be any opening for it being used for that really. (... and it's not that long ago an entire /16 or something I think, was used solely by a company to host every form of malware, abuse source, control centers for trojans etc... this tool would be excellent for removing That from Internet as it really was hurting almost everyone. But not sure it would be the Right tool for it.....) >> You have to excuse me for not quite believing that this attempt to impose >> a centralised structure upon internet routing has anything to do with >> preventing someone from fat-fingering a prefix >> advertisement... > > It really does have something to do with preventing fat-fingering (or perhaps > more accurately, reduces the impact of that fat-fingering). The main > arguments I've heard (some cynical, some not) for RPKI have been: > > - allow for SIDR deployment > - allow for the RIRs to enforce their policies > - allow for the RIRs to have a viable business model after IPv4 is > exhausted > - allow the existing address hierarchy model to be enforced (disallow > 'alternative address registries') Excellent, this is probably the "other" side of the problem with this policy, the more technical side that we should spend most of our time solving:) I do not believe it is a good idea at all to start building one central that can control who can, who can not be seen on Internet. What happen when the people running this registry/central database are being fat-fingered? It did happen not that long ago with .se, they went offline even with lost of procedures and routines in place to make sure it never happen. It's not possible to guard against human mistakes really, atleast very very difficult. I rather see someone at an ISP make a mistake once in a while, even often than even make it possible for someone central make a fat-fingered mistake. The difference and the effect on _everyone_ are order of magnitude different. I think both issues I see, the government one, and the technical one, can be solved but this policy do not address these two issues good enough. Both Martin Miller and Sascha Luck have in their last emails listed more reasons why this policy is not good enough on the technical side, that is, central control on what can and can not be used on Internet. Especial Martin's mail on the hierarchical control... -- Roger Jorgensen | rogerj at gmail.com | - IPv6 is The Key! http://www.jorgensen.no | roger at jorgensen.no
- Previous message (by thread): [address-policy-wg] RIPE (NCC) engagement with LEA and government
- Next message (by thread): [address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]