IPv4 Hijacking For Idiots

John Curran jcurran at arin.net
Sun Jul 2 17:28:34 UTC 2017


On 6 Jun 2017, at 9:25 PM, Bryan Fields <Bryan at bryanfields.net> wrote:
> 
> On 6/6/17 9:13 PM, Mark Andrews wrote:
>> Getting to that stage requires several companies to simultaneously
>> say "we will no longer accept <list> as valid mechanisms to verify
>> routes announcements.  You need to use X or else we won't accept
>> the announcement".  Yes, this requires guts to do.
> 
> And what of legacy address holders?  ARIN will not permit RPKI use of their
> blocks.

Note that ARIN does provide RPKI services for legacy blocks, but it is true that we 
require more legalisms than other RIRs…  You can caulk this up to the abundance 
of legacy resources of questionable provenance in this region, to the colorful US 
legal environment, and/or to a desire not to endanger the services we’re already 
providing to thousands of customers. 

(Interestingly enough, parties in the other regions agree to very similar terms
and conditions when they use the respective RPKI services, only the binding 
is implicit and thus somewhat unseen to the user…  <chuckle>) 

Thanks!
/John

John Curran
President and CEO
ARIN




More information about the NANOG mailing list