Dear address-policy-wg, I, too, share many of the concerns Malcolm (and others following on his comments) voiced here. I do not feel that this policy should be adopted. In addition to many of the philosophical and political concerns outlined by Malcolm (whom I would like to thank for putting them down in writing so eloquently) as to why this policy might effectively be a Pandora's box of undesirable outcomes - I also find the resources allocated by the RIPE NCC internally to RPKI efforts would be much better used if applied to furthering the usability, tooling, and user education for RPSL, which, in my opinion offers many of the capabilities the proponents of RPKI expect to see from the implementation of this policy. RPSL as a mechanism is at least partially implemented by many participants in the DFZ today, and it can be reasonably argued that by adding as little as a scalable and SSL/TLS-secured interface to the RIPE whois database, the goal of a single trust anchor containing 'definitive' information on the ownership of each allocated and assigned resource in machine-readable format is already achieved. This information, in turn, can be used both by BSS/OSS systems and, if implemented, directly by network devices to make decisions on the validity of routing information. With all this in mind, I can not support this policy. -- Respectfully yours, David Monosov On 05/03/2011 01:31 PM, Malcolm Hutty wrote:
I am afraid I don't believe this policy should be adopted at this time.