A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)
Carlos M. Martinez
carlosm3011 at gmail.com
Tue Feb 1 22:15:19 UTC 2011
Although I support Rpki as a technology, there are legitimate concerns that it could be abused. I now believe that Rpki needs work in this area at IETF level so the concerns are adressed.
I imagine some form of secret sharing among different parties or sme form of key escrow. I am sure that it is not an easy problem, but maybe some progress can be made in this direction.
Regards
Carlos
On Feb 1, 2011, at 7:33 PM, Michael Hallgren <m.hallgren at free.fr> wrote:
> Le mardi 01 février 2011 à 12:14 -0500, Christopher Morrow a écrit :
>> On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert <millnert at gmail.com> wrote:
>>> Here be dragons,
>> <snip>
>>> It should be fairly obvious, by most recently what's going on in
>>> Egypt, why allowing a government to control the Internet is a Really
>>> Bad Idea.
>>>
>>
>> how is the egypt thing related to rPKI?
>> How is the propsed rPKI work related to gov't control?
>>
>>> architecturally/technologically *impossible* for a entity from country
>>> A to via-the-hierarchical-trust-model block a prefix assigned to some
>>> entity in country B, that is assigned by B's RIR and in full
>>> accordance with the RIR policies and in no breach of any contract.
>>
>> countries do not have RIR's, countries have NIR's... regions have RIR's.
>
> In this context, at least, perhaps the NIR should be considered
> superfluous or redundant? What is the operational rationale behind the
> NIR level? Wouldn't a flatter RIR-LIR structure do just fine?
>
> mh
>
>>
>
>
More information about the NANOG
mailing list