This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/address-policy-wg@ripe.net/
[address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
John Curran
jcurran at arin.net
Wed May 4 23:58:18 CEST 2011
On May 4, 2011, at 5:33 PM, Martin Millnert wrote: > At the same time, I think the data already existing in for example > RIPE's whois database and present technology is sufficient for the > validation of customer and peer route announcements. It's likely that many feel that way, but there appears that there are also folks who wish to have an additional form of validation via RPKI. > A good solution, I believe, to this question lies not in an external > party declaring who's the holder or not of a prefix, but the holder of > the prefix itself. Are you saying that those who wish to make use of RPKI should not be able to, even if that's their choice of technology and yours is a more "multi-source peer based policy" choice? > Following the analogy, no central authority would be able to take my > stone away from me - that would be theft. Also, no central authority > is able to take the power to speak away from individuals in a room > full of stone-holding people. ... but apparently *would* be able to specify that no one may use RPKI even if that is someone else's particular preferred technology for securing their own stones? A statement that an RIR shall not support RPKI for the resources in its database is equivalent to deciding "no" on behalf those who want to make use of the optional service, correct? I understand concerns regarding cost or risk for an RIR considering RPKI (and in the ARIN region these are presently actively under consideration) and questions about return on investment also seem reasonable (since you can't support everything, and need to make sure you prioritize to services that will be actively used by the community), but this is first time I've heard an argument to the effect that simply offering the RPKI service will harm those not using it, and I really want to understand since that's not likely to be an effect specific to any one region. Thanks! /John
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]