Verifying route origins and ownership (Was: ARIN Fraud Reporting Form ... Don't waste your time)

• Previous message (by thread): Verifying route origins and ownership (Was: ARIN Fraud Reporting Form ... Don't waste your time)
• Next message (by thread): ARIN Fraud Reporting Form ... Don't waste your time
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Oct 1, 2010 at 11:12 AM, Jeroen Massar <jeroen at unfix.org> wrote:
> On 2010-10-01 17:04, Christopher Morrow wrote:
> [..]
>> I think so far the models proposed in SIDR-wg include:
>>   o more than one cert tree (trust anchor)
>
> Why not in a similar vain as RBLs: white and black lists.
>

I'm sure someone will think it's a fine plan to set up a TA and sign
down ROA's that indicate 'badness' or 'invalid' or something similar.
There's nothing stopping that, similarly today you COULD subscribe to
a BGP feed of subnets of actually seen routes rewriting the next-hop
to dsc0/Null0/honeypot...

I don't think this sort of thing is in the SIDR-wg's charter though...
much like RBL's are not in DNS-EXT's charter?

-chris

• Previous message (by thread): Verifying route origins and ownership (Was: ARIN Fraud Reporting Form ... Don't waste your time)
• Next message (by thread): ARIN Fraud Reporting Form ... Don't waste your time
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]