Hi,
I choose not to get into discussions of conflict of interest aspect of
this thread as I prefer to remain naive and assume folks are doing
what they believe is in the best interests of the Internet over the
long term. However, I'd like to use a footnote from Randy's note to
ask what I'm guessing is a stupid question:
On Sep 7, 2009, at 9:12 AM, Randy Bush wrote:
[1] - what i have seen in the sidr wg has driven me into the group
which
is extremely concerned about the rirs controling routing given
their clear lack of altruism for the health of the internet.
I, perhaps more than most, have had the recent 'joyful' experience of
trying to get a security system that has a hierarchical trust model
actually deployed. Suffice it to say, it is a non-trivial exercise in
non-technical negotiation. From my perhaps biased perspective it
would seem that while conceptually and technically, hierarchical trust
models are nice and elegant and simple, they do NOT easily map into
political and economic realities which are decidedly non-
hierarchical. As a result, deployment has required a tremendous
amount of time and thrust to actually make appreciable forward progress.
So, here we are, coming up with yet another security system with a
hierarchical trust model (whether there is one root or five or six is
irrelevant). However, in this case and as I understand it,
implementation of this particular security system can (note: not must)
imply the root or roots has, as Randy notes, the ability to _control
the routing system_, potentially in real time.
I will admit some skepticism that this will be remotely acceptable,
either in a political or business sense. As such, I have to assume I
misunderstand something fundamental about the intent or trust model of
SIDR. Could someone enlighten me why enterprises, ISPs, or governments
who are NOT the roots of this system won't recoil in horror at even
the idea that their parents, grandparents, great-grandparents, etc. in
the trust hierarchy potentially could, by intent, whim, or error,
instantly and completely remove their ability to send/receive Internet
traffic[1]?
Thanks,
-drc
[1] Note that the actual accuracy of this statement is not
particularly relevant since there will be folks who will spin the
capabilities of the system in this way.
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
