BGP to doom us all

Daniel Karrenberg daniel.karrenberg at ripe.net
Tue Mar 4 15:08:43 UTC 2003


On 28.02 18:13, Barry Raveendran Greene wrote:
> 
> Now - show me an operational environment on the Internet were this authorization
> chain is _working_ today. RIRs and RADB do not count. As you mention before,
> those databases and keeping them up to date are a "pulling teeth" exercise.
> 
> ...
> 
> My opinion is that lazy operational practices are the single biggest threat to
> the Internet. What's the point of building security and robustness into a system
> when people choose not to turn it on?

RIRs do count and the infrastructure to set up the chain is there. 
Address assignment and allocation is a quite formal and well recorded
process these days. 

The address *allocation&assignment* databases are in good shape for
about the last 8 years.  The fact that they are not in good shape for
assignments from "the good old days" is true.  But this is being
actively worked on and one should not blow it up out of proportion. 

Deploying technologies like SBGP would of course provide additional
incentives to record allocations and assignments and the resulting
signing of certs even better. 

Daniel



More information about the NANOG mailing list