RPKI Pilot Participant Notice

John Curran jcurran at arin.net
Fri Sep 7 01:45:16 CDT 2012


On Sep 7, 2012, at 7:31 AM, Randy Bush <randy at psg.com>
 wrote:

>> If a relying party's use of PKI infrastructure legally equated to 
>> acceptance of the relying party agreement (RPA), then having an 
>> explicit record of acceptance of the RPA would not be necessary.  
>> 
>> Alas, it does not appear possible to equate use of PKI certificates 
>> with agreement to the associated RPA (and some might argue that this 
>> is a feature, as some folks would not want to be legally bound to an 
>> agreement which they did not explicitly review and accept.)
> 
> do you have a r&d group devoted to how much you can delay, damage, warp,
> half-assed implement, ... rpki?  look around you at the real world, the
> other rirs (especiall ripe/ncc), etc.  the only part of it where arin
> seems to be doing a serious job is bs generation.  thanks.

Good morning Randy - 

  Are you indicating that RPKI services should be offered without any
  RPA (and/or CPS) at all, or that these agreements should legally 
  adhere without explicit agreement?   There is an statement expressing
  that CPS or RPA might benefit from the latter treatment in section 
  3.4 of the Internet PKI framework (RFC 3647), but it does not actually
  hold legally true at the present time.  If you have more insight or 
  clarity on this matter, it would be most welcome.

Thanks!
/John

John Curran
President and CEO
ARIN








More information about the NANOG mailing list