rpki vs. secure dns?

David Conrad drc at virtualized.org
Mon May 28 21:42:40 UTC 2012


On May 28, 2012, at 1:59 PM, Paul Vixie wrote:
> third, rsync's dependencies on routing (as in the RPKI+ROA case) are not
> circular (which i think was david conrad's point but i'll drag it to here.)

Nope.  My point was that anything that uses the Internet to fetch the data (including rsync) has a circular dependency on routing. It's just a question of timing.

> ROVER expects that we will query for policy at the instant of need.

Might want to review https://ripe64.ripe.net/presentations/57-ROVER_RIPE_Apr_2012.pdf, particularly the slide entitled "Avoid a Cyclic Dependency".

As far as I can tell, ROVER is simply Yet Another RPKI Access Method like rsync and bittorrent with its own positives and negatives.  

Regards,
-drc




