On 8/10/09 3:13 AM, "Danny McPherson" <da...@tcb.net> wrote:
>
>
> On Oct 7, 2009, at 10:47 AM, Robert Kisteleki wrote:
>
>> Suppose you're ISP1, and want to sell some part of your clients to
>> ISP2 (this happens: mergers, splits, you name it). In other words,
>> you want to transfer a live, routed and used chunk of space to
>> another party. How would you execute this while ROAs are in place?
>
> ISP1 would issue ROAs with ISP2 as authorized origin AS for
> prefixes in question, no?
right.. and further make the ROAs match before and after settlement as to
not upset the network.
>
>> If you think about it you'll realize that there have to be multiple
>> ROAs which overlap in terms of validity time, otherwise you
>> introduce exact timing, which sounds pretty difficult to execute
>> with 30K+ participants.
>
> My concern isn't about collision/overlap of ROAs at the bottom
> of the RPKI hierarchy, that seems perfectly reasonably to me if
> the operator so chooses.
But what decision should the relying party make? in other words how does the
relying party know that collision was intentional?
>
> My concern is about resolution of collisions among TAs and CERTs
> at the top, in particular when the TAs are NOT congruent to the
> address allocation hierarchy - how does a relying party elsewhere
> resolve this when the TA and allocation hierarchy are not congruent
> (not to mention implications on attack surface as a result).
I suspect, the only answer to this is a trusted TA repository that blesses
the TAs so that all the Relying Parties can at least start from a cogent
position. I can hear the groans of discomfort now.. :-)
Cheers
Terry
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
