Owen DeLong: > Personally, since all RPKI accomplishes is providing a > cryptographically signed notation of origin ASNs that hijackers > should prepend to their announcements in order to create an aura of > credibility, I think we should stop throwing resources down this > rathole.
regardless of how one might think about RPKI, there are ROAs out there that reduce the visibility/reachability of certain prefixes and the general assumption is that announced prefixes would like to be reachable even if the operator doesn't care about RPKI and ROAs from the past anymore, he most likely cares about reachability from a pure operational point of view. my email was not about: "How much does one like RPKI?" it is about whether it is acceptable that RIRs (and more specifically ARIN in this mailing list's context) notify affected parties of their prefixes that suffer from stale ROAs. Even if one dislikes RPKI entirely the opinion could still be "yes notifying those parties makes sense to restore reachability". -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
signature.asc
Description: OpenPGP digital signature
