RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17)
Michel Py
michel.py at tsisemi.com
Thu Aug 15 23:49:30 UTC 2019
Hi John,
> John Curran wrote :
> Even so, we at ARIN are in the midst of a Board-directed review of the RPKI legal framework to see if any improvements can be made
> <https://www.arin.net/vault/participate/meetings/reports/ARIN_43/PDF/PPM/curran_rpki.pdf> – I will provide further updates once it is completed.
Thanks, we appreciate the effort.
That being said, something has to be done. I feel that the RPKI validation by ARIN is somehow useless. Why : because few download the TAL (at least in part because of the indemnisation clause).
Therefore, many networks that do RPKI validation do validate prefixes from the other 4 RIRs but not mine.
In simple words : why bother validating, if all of most of the networks that could block invalid prefixes don't, because the TAL agreement is not palatable.
I understand that ARIN has to deal with a legal system that makes things difficult, but OTOH I would like ARIN's RPKI validation to provide the same protection than the other RIRs, which it currently does not.
I created my ROAs, but I am not protected as well as an Org belonging to another RIR.
Michel
TSI Disclaimer: This message and any files or text attached to it are intended only for the recipients named above and contain information that may be confidential or privileged. If you are not the intended recipient, you must not forward, copy, use or otherwise disclose this communication or the information contained herein. In the event you have received this message in error, please notify the sender immediately by replying to this message, and then delete all copies of it from your system. Thank you!...
More information about the NANOG
mailing list