On 3 May 2011 15:42, Erik Bais <ebais@a2b-internet.com> wrote:
Hi James & Malcolm,
I agree that it should at least re-visited as some of the wider implications might have been missed in the process as the focus has been with the technical solution to the 'problem' rather than potential for 'outside influence'.
The policy by itself doesn't require you to automate the process within your network to accept / deny / discard prefixes.
No but listening to people describing it as an automated tool for routers to make decisions really scared me...
I will however use the repository to check if what my customers want to start to announce to our network. And when PI is going to be accepted after this policy, also PI.
This a useful function of the RPKI (and the use that I expected this for, when it moves to automation then I have the fear.
The question is not what you are planning to do within your network with this or how paranoid you plan to be in regards to the tools around this. If you don't want to use the provided tools from RIPE NCC, run your own CA. If you don't want to use RPKI, fine as well, no-body is forcing you.
Actually they way its being described (as a security tool) its being pushed as a "must use" rather than nice tool.
However with the hijacking of (legacy) IP space and ownership of especially pre-rir IP space, we need to get a policy in place that will allow us to do this.
Really? Would a policy to get the legacy space under control and ownership more tightly recorded be more useful for the community as a whole.
Is the current policy perfect ? As in, final and all inclusive etc ? nope..
Agreed
Is it a good start ? Imho.. a full YES !
Er, there is a difference - its a good idea, but I don't think its ready for showtime considering how people are talking about using it... Is bit-torrent a good idea? Is it an efficient way of distributing content for the content owner? Shouldn't all content be distributed using bit-torrent? depending on who you are and where you sit in the value chain you'll give different answers to the above questions but you'll agree that bit-torrent is a really clever solution to the problem of content distribution.
I'm on the RIPE meeting atm, let's have a cup of coffee if needed on the
:) /me sets phaser on lightly disintegrate... J -- James Blessing 07989 039 476