On Mon, May 09, 2011 at 12:52:15PM +0200, Erik Bais wrote:
I am not worried about the RPKI being used as a vector for takedown requests by law enforcement or others. I am worried about more informal situations. What does the NCC do when the cops knock on the door and say "We don't have a court order and *really* want you to revoke this cert. Please co-operate."? And although I mentioned law enforcement, there may well be others who would wish to push those boundaries.
Kind requests like these get waived at the reception, even before someone would look at it.
I guarantee you they won't if someone shows up with a "National Security Letter" or whatever the EU equivalent may be that orders you to comply *and keep your mouth shut about it*. http://en.wikipedia.org/wiki/Nicholas_Merrill You may also want to watch his presentation at 27C3...
I'm sure someone from RIPE NCC could provide a summary of their policy in requests like that.
If they can, see above. Folks, this proposal fundamentally changes the very nature of the internet as a loose association of independent networks without any central or hierarchical authority other than that of the network owners over *their* network. I think it is only right to perform a detailed and very careful technical *and political* risk assessment of all and any "unintended" consequences of such a change. rgds, Sascha Luck