[arin-announce] ARIN Resource Certification Update

Danny McPherson danny at tcb.net
Tue Jan 25 01:24:22 UTC 2011


On Jan 24, 2011, at 7:16 PM, Randy Bush wrote:
> 
> i understand fearing holding others' private keys and critical data.  no
> blame there.
> 
> <separate subject>
> but out of curiousity, how reality based are arin's general liability
> fears?  in the last few years, how many times has arin been a named
> defendant in a law suit?  how many times a [principal] plaintiff?

How many times has the operational integrity of ARIN's infrastructure 
influenced actual routing on the Internet in the past?  Seems like
well-placed concern on behalf of the ARIN BoT, IMO.

<separate subject> 
Beginning to wonder why, with work like DANE and certificates in DNS
in the IETF, we need an RPKI  and new hierarchical shared dependency 
system at all and can't just place ROAs in in-addr.arpa zone files that are 
DNSSEC-enabled. 

--but very happy we have some progress for Internet number resource 
certification.

-danny




More information about the NANOG mailing list