This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[address-policy-wg] Policy update request on certification of transferred IPv4 allocations
- Previous message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
- Next message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
McTim
dogwallah at gmail.com
Thu Feb 21 13:46:37 CET 2013
On Thu, Feb 21, 2013 at 4:23 AM, Andrew de la Haye < ripencc-management at ripe.net> wrote: > [Apologies for duplicate emails] > > Dear colleagues, > > Based on recent discussions on the RIPE Address Policy WG mailing list, > the RIPE NCC is now seeking policy related action from the RIPE > community with regards to clear guidelines on how it should proceed with > certifying transferred IPv4 allocations. > > It has recently come to our notice, via two of the policy authors, that > the original intention (in 2007) of the sentence "Re-allocated blocks > will be signed to establish the current allocation owner" was that the > transferred block *must* be signed *after* the transfer in order to > completely establish holdership. > > This sentence can be found under section 5.5 of "IPv4 Address Allocation > and Assignment Policies for the RIPE NCC Service Region" here: > http://www.ripe.net/ripe/docs/ripe-582#Transfers-of-Allocations > > Because the RIPE community provided guidance saying that certification > should be an opt-in system, the RIPE NCC built an RPKI Certification > system based on this opt-in notion, therefore it is not currently > possible for the RIPE NCC to issue certificates without the resource > holder initiating the process. > > Therefore, the RIPE NCC's interpretation and implementation of this > specific sentence has been: > > Registration Services verifies and reflects the change in holdership of > the re-allocated blocks by updating the database objects and internal > records following the transfer. Any certificates that had been attached > to these number resources before the transfer automatically become > invalid/revoked due to the holdership change. The transfer recipient can > then request a new certificate for the address space and the RIPE NCC > will proceed to sign these resources to establish the current allocation > holder. > > Therefore, the RIPE NCC does not make certification of any resources > mandatory. > > As the sentence in section 5.5 of "IPv4 Address Allocation and > Assignment Policies for the RIPE NCC Service Region" is open to > interpretation, the RIPE NCC is seeking representative(s) from the RIPE > community to submit an update to ripe-582 that will replace this > sentence with more accurate and appropriate wording or perhaps remove it > completely. > How about replacing; "Re-allocated blocks will be signed to establish the current allocation owner." with: "Re-allocated blocks will be signed to establish the current allocation holder if the receiving party chooses." ?? -- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/address-policy-wg/attachments/20130221/5872ca99/attachment.html>
- Previous message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
- Next message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]