[routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)

> and will all rirs issue an as0 for 10/8?  nice.  at least, if i use net
> 10 internally, my local root ca's roas for it will override your 5 or
> whatever as0 roas.

This is a good operating model I think. If I wanted some assurance of
internal intent, I would do this. A SLURM file is simpler, less
overhead, but I would probably do what you are doing here. (I don't
have this burden, I don't operate routing-active systems)

> > We proposed this during initial deployment to ensure we had a
> > make-before-break outcome for relying parties, but it does reduce
> > uptake (during the test period at best <100 people have participated)
>
> perhaps because ops seem disinclined to complex tal management.

Yes. I think thats very likely but we are talking about a small number
at this stage, the distinction here being what is included in s/w
distribution for most people.


> > If we include the AS0 under the mainline TAL, then this is 'opt out'
> > behaviour for RP's (they would have to do conscious work e.g. locally
> > managed SLURM) to re-validate prefixes, rather than opt-in.
>
> back to an unauthenticated slurm, eh?

Well caught. I think use of this kind of "magic override" is not the
first preference, but its logistically simple. I don't like the model
of sourcing a SLURM file from outside. Its a local-override mechanism.
Di Ma published how to distribute slurm over trusted communications,
and I commented about how I still feel uncomfortable about the lack of
validation in what SLURM says.

>
> randy, who also did not like or use the dnssec dlv hack

Neither did I FWIW.

-G