RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17)
Ronald F. Guilmette
rfg at tristatelogic.com
Wed Aug 14 20:27:29 UTC 2019
In message <F5375602-22D5-4983-8D8D-27252732E874 at arin.net>,
John Curran <jcurran at arin.net> wrote:
>Alas, it’s not those who fail to properly configure RPKI that are likely to be
>litigating, but rather their impacted customers and those customers' business
>partners who all were unable to communicate due to no fault of their own.
>
>Such a matter will not be thrown out of court, but will be the start of a long
>and very expensive process involving claims, discovery, experts, etc...
Perhaps. There are certainly some big players (AWS) that if routing were
interrupted for even, say, 12 hours, a lot of folks would get really mad
about.
Correct me if I'm wrong, but one of your presentation slides seemed to
suggest that a separate arms-length legal entity could be established
to do the RPKI stuff, thus offloading most or all of the potential
liability onto and into this separate entity, which could conveniently
have minimal assets of the kind that might inspire members of the
plaintiff's bar who are looking for deep pockets.
Is that an actual possibility, or did you just throw that in there for the
sake of completness?
Personally, I don't much care how the problem gets solved, as long as it
gets solved. The fundamental BGP problem has been known and discussed
now for 20+ years and it is only getting more dire and ominous, day by day.
Regards,
rfg
More information about the NANOG
mailing list