This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[ncc-services-wg] 2013-04 New Policy Proposal (Resource Certification for non-RIPE NCC Members)
- Previous message (by thread): [ncc-services-wg] 2013-04 New Policy Proposal (Resource Certification for non-RIPE NCC Members)
- Next message (by thread): [ncc-services-wg] 2013-04 New Policy Proposal (Resource Certification for non-RIPE NCC Members)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Mon May 20 18:02:20 CEST 2013
From http://en.wikipedia.org/wiki/Terrorism Common definitions of terrorism refer only to those violent acts which are intended to create fear (terror); are perpetrated for a religious, political or, ideological goal; and deliberately target or disregard the safety of non-combatants (civilians). ... The concept of terrorism may be controversial as it is often used by state authorities (and individuals with access to state support) to delegitimize political or other opponents. In this sense, the American (and other) press have become non-violent terrorists, creating and maintaining public fear for profit. It has been said that the last decade++ of the US Government has done so to further enrich the top 0.001. Analogously, fear is being used to prevent me, as an operator, from protecting my network in a manner that I choose and which only affects my network. Mis-origination occurs daily, and there have been no known abuses of ROAs. Yet there are those who would use unrealistic fear to prevent you and me from using them to improve protection of our networks. Yes, the 'Dutch Court attack' could be used against me. But it is far more likely that some net black hat or idiot will mis-originate my prefix. And yes, like everything else on the Internet, some perp will figure out how to abuse it. But it should be *my* choice whether or not to use a ROA to protect it. When the people with guns and lawyers want to take you off the net, they will, and they have. Two weeks ago, the USG took 7,000 Syrian domains out. The other year 120,000! Ask MegaDownload if they had problems with ROAs. Can we please try to be somewhat realistic about how vulnerable we are to black helicopters? And I am aware of the issues in issuing a ROA. It was I who presented the issues in http://archive.psg.com/110502.ripe-bgpsec-policy.pdf in the RIPE meeting in May 2011, which started all this anti-RPKI noise. The costs for me to issue and maintain a ROA are negligible, and the costs for others to validate my announcements are impressively small. The system was designed with incremental deployment, various levels of reliance, many flavors of disabling in routers, etc. If I wish to trust it, that is *my* prerogative. Please do not place a complicated bureaucracy of fear in my way. Please do not tell me how I must run my network. randy
- Previous message (by thread): [ncc-services-wg] 2013-04 New Policy Proposal (Resource Certification for non-RIPE NCC Members)
- Next message (by thread): [ncc-services-wg] 2013-04 New Policy Proposal (Resource Certification for non-RIPE NCC Members)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]