Reaching out to ARIN members about their RPKI INVALID prefixes
nusenu-lists at riseup.net
Wed Sep 19 07:46:00 UTC 2018
> Personally, since all RPKI accomplishes is providing a
> cryptographically signed notation of origin ASNs that hijackers
> should prepend to their announcements in order to create an aura of
> credibility, I think we should stop throwing resources down this
regardless of how one might think about RPKI, there are ROAs out
there that reduce the visibility/reachability of certain prefixes and the
general assumption is that announced prefixes would like to be reachable
even if the operator doesn't care about RPKI and ROAs from the past anymore, he most likely cares
about reachability from a pure operational point of view.
my email was not about: "How much does one like RPKI?"
it is about whether it is acceptable that RIRs (and more specifically ARIN in this mailing list's context)
notify affected parties of their prefixes that suffer from stale ROAs.
Even if one dislikes RPKI entirely the opinion could still be "yes notifying those parties makes sense
to restore reachability".
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the NANOG