Level 3's IRR Database

• Previous message (by thread): Level 3's IRR Database
• Next message (by thread): hi)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hey Martin,

I see your point and I believe it is a concern that should be addressed.

tks

Carlos

On 1/31/11 3:59 AM, Martin Millnert wrote:
> Carlos,
>
> On Sun, Jan 30, 2011 at 9:22 PM, Carlos Martinez-Cagnazzo
> <carlosm3011 at gmail.com> wrote:
>> Hi,
>>
>> this is the second mention I see of RPKI and Egypt in the same
>> context. I sincerely fail to see the connection between both
>> situations.
>>
> It is quite simple actually.
>
> 1. Governments (eventually) want to take pieces of the Internet
> offline, and Egypt is only the latest abundantly clear proof of this
> desire.
> 2. RPKI might make this easier to accomplish than before, effectively
> leading to more censorship than without it.
>
> My fear is that of the big red DELETE-FROM-THE-INTERNET-button:
>
> If the system becomes widely deployed, it is an even shorter step to
> make for various lawmakers in various countries to legislate how RPKI
> is to be used.
> There are obviously other ways for your local autocrat to cut the
> Internet down, but this would undoubtedly add a potential fine-grained
> mechanism on top of it that I fail to see how it will not be abused.
>   Eg, it'd be possible to, with the right hand, require that all ISPs
> treats RPKI in a certain way (abstract away the censorship to all
> ISPs, even those in other countries(!), own routers, once the
> technology is in place), and with the left hand cherry pick what can
> be on and what can be off, at a much, much lower cost than unplugging
> everything (Egypt), or buying lots of cool hardware (China). (This is
> a bad thing, btw.)
>
> I'd happily see an explanation of RPKI that clears these fears from my
> mind, and I'm fairly sure that I am not crazy for having them...
> (Meanwhile I will read all of Randy's recommended reading.)
> And yes there are a myriad of other ways to shut things down from the
> Internet, but none of them are as integrated with the Internet as RPKI
> would be, right? Plus, I don't really see adding another way to shut
> things down as a positive thing, because of the apparent abuse-vector
> it represents.
>
> Regards,
> Martin
>
> (With tiny, tiny steps, nobody will understand how we ended up where
> we end up, and by then it's hard to retract.)
>
>> On Sun, Jan 30, 2011 at 7:53 PM, Brandon Butterworth
>> <brandon at rd.bbc.co.uk> wrote:
>>>>> I think it is too early in the deployment process to start dropping
>>>>> routes based on RPKI alone. We'll get there at some point, I guess.
>>>> Do we really *want* to get to that point?
>>> I thought that was the point and the goal of securing the routing
>>> infrastructure is laudable. But the voices in my head say don't trust
>>> them with control of your routes, see what happened in Egypt.
>>>
>>> brandon
>>>
>>>
>>
>>
>> --
>> --
>> =========================
>> Carlos M. Martinez-Cagnazzo
>> http://www.labs.lacnic.net
>> =========================
>>
>>

• Previous message (by thread): Level 3's IRR Database
• Next message (by thread): hi)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]