[ncc-services-wg] 2016-02 New Policy Proposal (Resource Authentication Key ( RAK ) code for third party authentication)

Hi,

On Mon, May 02, 2016 at 03:30:22PM +0200, Job Snijders wrote:
> I think you are referring "irrlockdown" which is a slightly different
> approach on route-filter generation. IRRLockdown promotes the idea of
> outright ignoring route-objects which are covered by RIPE NCC managed IP
> space, from all IRR databases except RIPE itself. Today "irrlockdown"
> has not been deployed in NTT due to certain as of yet unresolved
> software & communication challenges. 

Oh, indeed.  I assumed that this has been implemented and is live already
(and I applaud you for the effort, even if it's still being stalled).

> I guess irrlockdown and proposal 2016-02 aim for the same result, but
> come from very different directions. One approach hinges on "don't
> publish or consume unverifiable data" the other is I guess "make it
> possible to verify data prioir to publishing and consumption".
> 
> As to the policy proposal itself: I would probably benefit from a
> (highlevel) diagram displaying which interactions on which pieces of the
> data happen where and how that results in something useful.

... and some argument why it cannot be done with a RPKI ROA lookup, or
a plain whois lookup.

Gert Doering
        -- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444           USt-IdNr.: DE813185279
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </ripe/mail/archives/ncc-services-wg/attachments/20160502/116efcbc/attachment.sig>