[address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call

On May 4, 2011, at 1:45 PM, Martin Millnert wrote:
> It's not about "not seeing a risk" as much as it is about _making
> sure_, in the very design of the system, that it is *not possible* to
> abuse.
> Or at the very least extremely hard (global conspiracy kind of hard), to abuse.
> 
> That would lend a bit more credit to the system.
> 
> That would mean, of course, that no revocation of any certificate from
> any single central authority can affect routing on multiple networks.

Martin -

Given the validation that some operators already perform based on 
information in RIPE Database (including whois and rpsl), doesn't the 
same potential for network disruption due to misplaced governmental 
action exist today?  

I am trying to discern if your concern is regarding the theoretical 
existence of such risks, or the specifically the addition of RPKI 
because your view it as a more accessible mechanism for abuse?

Thanks!
/John