This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
- Previous message (by thread): [routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
George Michaelson
ggm at algebras.org
Tue May 26 03:04:20 CEST 2020
> and will all rirs issue an as0 for 10/8? nice. at least, if i use net > 10 internally, my local root ca's roas for it will override your 5 or > whatever as0 roas. This is a good operating model I think. If I wanted some assurance of internal intent, I would do this. A SLURM file is simpler, less overhead, but I would probably do what you are doing here. (I don't have this burden, I don't operate routing-active systems) > > We proposed this during initial deployment to ensure we had a > > make-before-break outcome for relying parties, but it does reduce > > uptake (during the test period at best <100 people have participated) > > perhaps because ops seem disinclined to complex tal management. Yes. I think thats very likely but we are talking about a small number at this stage, the distinction here being what is included in s/w distribution for most people. > > If we include the AS0 under the mainline TAL, then this is 'opt out' > > behaviour for RP's (they would have to do conscious work e.g. locally > > managed SLURM) to re-validate prefixes, rather than opt-in. > > back to an unauthenticated slurm, eh? Well caught. I think use of this kind of "magic override" is not the first preference, but its logistically simple. I don't like the model of sourcing a SLURM file from outside. Its a local-override mechanism. Di Ma published how to distribute slurm over trusted communications, and I commented about how I still feel uncomfortable about the lack of validation in what SLURM says. > > randy, who also did not like or use the dnssec dlv hack Neither did I FWIW. -G
- Previous message (by thread): [routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]