<div dir="ltr">Mark,<br><br>I think trying to implement some kind of license requirement for DFZ participants is a step in the wrong direction and a waste of time and money. How would you even enforce it? If the goal is just to provide a bigger barrier to "kids born after 9/11", why not just increase RIR fees, or add an age requirement for individuals? And anyway, why do we need to increase that barrier? What problem does that actually solve? Are "kids born after 9/11" the ones propagating route leaks? I don't think they are. But the reason for that is not that they're necessarily more skilled operators than "adults born before 9/11" or anyone else - it's that they are being filtered appropriately by the likes of Vultr, etc. Verizon (and other large incumbents) could learn something from them.<br><br>Let's try to stay away from exclusivity for exclusivity's sake and actually focus on solving the real problems we have.</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Aug 2, 2020 at 12:45 PM Mark Tinka <<a href="mailto:mark.tinka@seacom.com">mark.tinka@seacom.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<br>
<br>
<div>On 2/Aug/20 01:44, Ryan Hamel wrote:<br>
</div>
<blockquote type="cite">
<div>Matt,</div>
<br>
<div><font style="font-size:14.5px"><font>Why are you blaming the ease of
use on the vendor, for the operators lack of knowledge
regarding BGP? That is like blaming a vehicle manufacturer
for a person pressing the gas pedal in a car and not giving
a toss about the rules of the road. The base foundation
regarding the rules of the road mostly apply the same for
driving a car, truck, bus, and semi/lorry truck. There is no
excuse for ignorance just because the user interface is
different (web browser vs. SSH client).</font></font></div>
</blockquote>
<br>
Actually, there is.<br>
<br>
One has to actually acquire knowledge about not only driving a car,
but driving it in public. That knowledge is then validated by a
gubbermint-sanctioned driver's license test. If you fail, you aren't
allowed to drive. If you are caught driving without a driver's
license, you pay the penalty.<br>
<br>
There is no requirement for a license in order to run power into a
router and hook it up to the Internet. This is the problem I have
with the current state of how we support BGP actors.<br>
<br>
<blockquote type="cite">
<div>Adding a take on this, there are kids born after 9/11, with
IP allocations and ASNs experimenting in the DFZ right now. If
they can make it work, and not cause harm to other members in
this community, it clearly demonstrates a lack of knowledge, or
honest human error (which will never go away).</div>
</blockquote>
<br>
We should not be celebrating this.<br>
<br>
<br>
<blockquote type="cite"><br>
<div><font style="font-size:14.5px"><font>Anything that can be used, can be
misused. With that said, why shouldn't ALL BGP software
implementations encourage best practice? They decided RPKI
validation was a good thing.</font></font></div>
</blockquote>
<br>
The larger question is we should find a way to make our industry
genuinely qualification-based, and not "free for all that decides
they want to try it out".<br>
<br>
I don't yet know how to do that, but we certainly need to start
thinking more seriously about it. Kids born after 9/11 successfully
experimenting on a global network is not where the bar ought to be.<br>
<br>
Mark.<br>
</div>
</blockquote></div>