RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17)
Rubens Kuhl
rubensk at gmail.com
Wed Aug 14 16:41:21 UTC 2019
On Wed, Aug 14, 2019 at 1:09 PM John Curran <jcurran at arin.net> wrote:
> On 14 Aug 2019, at 11:15 AM, Valdis Klētnieks <valdis.kletnieks at vt.edu>
> wrote:
> >
> > On Wed, 14 Aug 2019 02:42:09 -0000, John Curran said:
> >
> >> You might want want to ask them why they are now a problem when they
> weren’t
> >> before (Also worth noting that many of these ISP's own contracts with
> their
> >> customers have rather similar indemnification clauses.)
> >
> > Actually, it's probably ARIN that should be doing the asking, and seeing
> if
> > they can change the wording and/or rephrase the issue to allay concerns.
> >
> > It sounds to me like ARIN's *intent* was "if you get sued by your
> customers because
> > you screw the pooch on deployment, it's your screw-up to clean up and
> not our
> > problem". Or at least I *hope* that was the intent (see next paragraph)
>
> That is indeed the intent - please deploy routing validation using best
> practices, so that you & your customers don’t suffer any adverse impact
> when ARIN's repository is not available.
>
>
Or, move all your number resources to a subsidiary in the AP region, pay
membership fees to APNIC instead of ARIN, and use their trust anchor
instead of ARIN's.
BTW, since all 5 RIRs have certificates signing the whole IP address space,
it really makes no difference.
Rubens
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190814/bfde6a9e/attachment.html>
More information about the NANOG
mailing list