This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] [routing-wg] An arrest in Russia
- Previous message (by thread): [anti-abuse-wg] [routing-wg] An arrest in Russia
- Next message (by thread): [anti-abuse-wg] [routing-wg] An arrest in Russia
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Sat Jan 4 20:12:15 CET 2020
> RPKI in its current form provides an insulation layer which stops > certain types of misorigination problems and mitigates others, but has > almost no impact on the wider question of policy routing. > > RPKI also works quite well from the point of view of incremental > deployment, i.e. it's not necessary to aim for universal or > near-universal adoption. > > Policy routing is difficult. We tried to fix it years ago with RPSL > and that failed. There have been several attempts to look at this > since then but they've all floundered because it's a fundamentally > complex problem which involves a lot of different areas including > policy management, i.e. codification of human judgement; deployment > of this policy to networking equipment which doesn't have the hooks to > implement this at scale; how to accurately model a routing policy > right down to igp / egp interaction so that you have a balance between > enough scope to describe routing policy at a per-router, > per-peer-address, per prefix level, but at the same time not making it > so complex that people would be scared away from implementing it > reasonably; and many other things. > > RPKI aims to address some specific problems relating to mis-routing - > cherry picking, if you will - and to provide a 90% solution for those > problems. just in case anybody is wondering, i think nick is about right here except, i think the above is actually about rpki-based origin validation, aka rov, not the rpki, which is a database randy
- Previous message (by thread): [anti-abuse-wg] [routing-wg] An arrest in Russia
- Next message (by thread): [anti-abuse-wg] [routing-wg] An arrest in Russia
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]