On 2023-11-15 21:47, Christopher Hawker wrote:
Hello everyone,
Aftab Siddiqui is currently exploring the possibility of using Route
Object Authorisations (ROAs) as a potential replacement to LOAs.
Separate to this (and unknowing of Aftab's research), I had started a
discussion on the RPKI Community guild on Discord
(https://discord.gg/9jYcqpbdRE) discussing the usage of ROAs instead of
LOAs.
An LOA, or "Letter of Authority" / "Letter of Authorization," is a
formal document granting permission for third parties to take specific
actions regarding network resources or services. In the service
provider industry, its primary use is for advertising address resources
(IPv4/v6 and ASN). When an organization intends to announce its IP
prefixes through its own or a transit provider's ASN to the global
internet, it typically needs to provide an LOA to their transit
provider, confirming their custodianship or ownership of the resources.
I've found WHOIS is a good enough resource for this purpose. The SPs
that are delegating prefixes are good about using SWIP to show
assignment.
North American SPs are motivated to keep SWIP assignments up to date
because of ARIN's requirement to demonstrate usage of IP resources for
IP block transfers.
I think I've needed to request an LOA from a customer for this purpose
just once in the past 10 years because the SWIP wasn't done. IIRC the
assigning provider did a SWIP instead.
RPKI ROA, stands for "Resource Public Key Infrastructure Route Origin
Authorization," is part of a security framework designed to validate
the authenticity of internet routing information. It involves a
digitally signed object that specifies which Autonomous Systems (ASes)
are permitted to announce specific IP address prefixes.
Could you please take a moment to fill out our brief survey? Your
feedback will play a crucial role in our understanding of this topic.
Survey Link: https://www.surveymonkey.com/r/JCHLWBB
Thanks,
Christopher Hawker
-Brian