On Dec 4, 2014, at 11:26 AM, David Huberman <[email protected]> wrote:
I'd normally agree with this. I'd rather take risk as Microsoft than have ARIN take the risk.
But consider: We pay for ARIN services, but ARIN refuses to warranty that the services we pay for (rDNS, RPKI, and Whois) will be available.
Why doesn't the RSA warranty those basic and critical operational services?

The reason that the RIRs have disclaimer of warranty and indemnification clauses for RPKI services is actually quite simple: despite striving to deliver highly available RPKI services, you are supposed to be using best practices in use of the service, and this includes recognizing that failures can occur and such should not result in operational impact (i.e. exactly the opposite of your “my routing decisions are affected and breakage happens” statement in your prior email.) Specifically, your RPKI deployment approach should be following known operational best practices for RPKI, such as those in RFC 7115 / BCP 185, “Origin Validation Operation Based on the Resource Public Key Infrastructure (RPKI)” -

“… Local policy using relative preference is suggested to manage the uncertainty associated with a system in early deployment; local policy can be applied to eliminate the threat of unreachability of prefixes due to ill-advised certification policies and/or incorrect certification data.”

Note that the claims that could ensue from an operator failing to follow best practices and then third-parties suffering a major operational outage are likely to be large and extremely protracted, with potential for endangering the registry itself due to the nature of litigation and its requirement to actually go all the way to trial in order to be able to then introduce evidence and prove that the RPKI services were operating properly at the time of the event. If the RIRs did not seek indemnification for use of the RPKI services, then all of their other registry services could potentially be put at risk due to the need to defend errant litigation, even presuming perfect RPKI service delivery. Undertaking that risk to the other services that everyone else presently relies upon (Whois, reverse DNS) is not reasonable, particularly during this time when the RPKI parties are supposed to be deploying via conservative routing preference practices.

ARIN does make the expectations very clear and explicit in its agreements, and that is different from the other RIRs. Again, are the other RIR RPKI non-warranty and indemnification clauses equally problematic for you, or does the fact that they are implicitly bound address your concerns? This has come up before on the NANOG mailing list (see attached) but it was unclear if the outcome was an expectation that all RIRs should drop these clauses, or that ARIN should make agreement to them be implicit.

Thanks!
/John
John Curran
President and CEO
ARIN
===
Begin forwarded message:
Subject: Re: APNIC RPKI TAL agreement
From: John Curran <[email protected]>
Date: October 16, 2014 at 7:30:48 PM EDT
Cc: Wes George <[email protected]>, Randy Bush <[email protected]>, "Geoff Huston" <[email protected]>
To: Michael Sinatra <[email protected]>

On Oct 16, 2014, at 3:19 PM, Michael Sinatra <[email protected]> wrote:
Hi John:
At NANOG 62, you mentioned that APNIC has a similar agreement as ARIN to
use its trust-anchor locator (TAL), but that it is not a click-through
agreement like ARIN's. I have searched using basic google-foo for this
agreement, and have also looked on APNIC's certificate rsync server
(which also has an HTTP interface) and I can't find it. Can you, or any
other recipient of this message who is familiar with the APNIC
agreement, point me in the right direction?
Michael -
Review <http://www.apnic.net/services/manage-resources/digital-certificates/terms-and-conditions> wherein there is a limitation of liability and requirement that a recipient of any digital certificate will indemnify APNIC against any and all claims by third parties for damages of any kind arising from the use of that certificate. (last two bullets)
/John
John Curran
President and CEO
ARIN
_______________________________________________
PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).