Speaking as regular ol' member On Wednesday, August 22, 2012 10:41 PM, Danny McPherson said:
>Admittedly, I'm not certain what triggered this, but clearly, >your email to me suggests that others have expressed concern >of consistency and collisions, a concern expressed by the >IAB as well. As such, I have a question below. The trigger was some of the concerns expressed as part of the call for adoption of the grandparenting draft. Some of the comments concerned the content, where suggestions were made of potential grandparent RPKI actions. Note that the concerns in the email exchange were principally about inconsistencies between the RPKI and the allocation system. I am well aware of the IAB concerns (and thank you for leading that effort!) and refer to them later in my message. > >Sandy (or others in the know), can you shed any light on the >process you have in mind to ensure consistency? Particularly from >the perspective of a prospective RP? Pointers to process (e.g., >RIR processes in the works) are fine. IMHO (speaking as regular ol' member), the SIDR process in mind is as the IAB statement says: a single trust anchor. The origin ops document says "It is assumed that eventually there will be a single root trust anchor for the public address space." It has been pointed out that the CP says that Each CA operating within the context of this PKI MUST employ procedures to ensure that each certificate it issues accurately reflects its records which is another "process in mind" about consistency of the RPKI and the allocation system. I don't speak for the RIRs. But the NRO has made a public request that ICANN "enter into discussions" to task ICANN with the management of the global trust anchor, which is a good step. I have no view of the progress of that discussion. I'd be curious to hear from anyone who does and may (is permitted to) speak of it! --Sandy, speaking as regular ol' member _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
