ARIN's RPKI Relying agreement
jcurran at arin.net
Fri Dec 5 07:34:12 UTC 2014
On Dec 4, 2014, at 2:19 PM, Sandra Murphy <sandy at tislabs.com> wrote:
> Which begs the question for me -- ARIN already operates services that operators rely upon. Why are they different? Does ARIN run no risk of litigation due to some perceived involvement of those services in someone's operational outage?
From the discussion over on PPML...
Parties are likely to use RPKI services such that (as someone put
it recently) - "routing decisions are affected and breakage happens”
While such impacts could happen with whois, parties would have to
create the linkages themselves, whereas with RPKI it is recognized
that the system is designed to provide information for influencing of
routing decisions (a major difference, and one that a judge could be
made to recognize if some service provider has a prolonged outage
due to their own self-inflicted Whois data wrangling into routing filters.)
Given the nature of RPKI, it is clear that ARIN needs to engineer the
service with full awareness of the potential risks (even though such
risks are predominantly the result of parties using RPKI data without
appropriate best practices.) We have no problem offering a highly-
reliable service; the risk of concern stems from third-parties who suffer
major damages and want to assert that it was the result of an ISP’s
misusage of ARIN’s RPKI service or ARIN’s RPKI service itself, even
if the underlying cause in truth was completely unrelated to ARIN’s
RPKI services. Recognize that large harmed parties tend to litigate
everyone, with the innocent parties extracting themselves only after
lengthy battles, and such battles are very difficult when it comes to
proving the proper state of technical service at a given point in time.
I hope this helps in outlining some of the significant differences.
President and CEO
More information about the NANOG