[arin-announce] ARIN Resource Certification Update

Charles N Wyble charles at knownelement.com
Tue Jan 25 21:54:09 CST 2011


On 1/24/2011 8:52 PM, Roland Dobbins wrote:
> On Jan 25, 2011, at 11:35 AM, Christopher Morrow wrote:
>
>> thinking of using DNS is tempting
>
> The main arguments I see against it are:
>
>
> 2.	The generally creaky, fragile, brittle, non-scalable state of the overall DNS infrastructure in general.

Can you expand on this a bit?

> Routing and DNS, which are the two essential elements of the Internet control plane, are e also its Achilles' heels.  It can be argued that making routing validation dependent upon the DNS would make this situation worse.
>
> The main reasons for it are those Danny stated:
>
> 1.	DNS exists.
>
> 2.	DNSSEC is in the initial stages of deployment.
>
> 3.	There's additional relevant work going on which would make DNS more suitable for this application.
>
> 4.	Deployment inertia.
>

I kind of like the DNS idea. Though some challenges have been raised in 
this thread that warrant further discussion.  In particular the in.addr 
delegation scenarios between RIRs.






More information about the NANOG mailing list