Dear John, On Tue, Sep 25, 2018 at 08:28:54PM +0000, John Curran wrote: > On 25 Sep 2018, at 3:34 PM, Job Snijders <j...@ntt.net> wrote: > > > > On Tue, Sep 25, 2018 at 03:07:54PM -0400, John Curran wrote: > >> On Sep 25, 2018, at 1:30 PM, Job Snijders <j...@ntt.net> wrote: > >>> > >>> """Using the data, we can also see that the providers that have not > >>> downloaded the ARIN TAL. Either because they were not aware that > >>> they needed to, or could not agree to the agreement they have with > >>> it. > >> > >> Is it possible to ascertain how many of those who have not downloaded > >> the ARIN TAL are also publishing ROA’s via RIPE’s CA? > > > > I'm sure we could extend the data set to figure this out. > > It would be informative to know how many organizations potentially > have concerns about the indemnification clause in the RPA but already > agree to indemnification via RIPE NCC Certification Service Terms and > Conditions.
This seems a matter of personal curiosity that perhaps distracts from the problem at hand: the ARIN TAL is less widely deployed than the other TALs. I'm open to solutions or suggestions to get the ARIN TAL more widely distributed, however I do think that inclusion in the RPKI Cache Validators is a *key* element, so the ARIN TAL can be used after a default installation of such software. We really need to bring it back down to "apt install rpki-cache-validator" to best serve the interests of the ARIN members. Imagine the Chrome browser shipping without any of the TLS Root Certificates, or Unbound without the DNSSEC root key! Kind regards, Job