> In these use cases, what breaks if we allow two ROAs to co-exist in the > system (one authorizing the customer AS and one authorizing the proxy AS to > originate the prefix) _much before_ the attack (or storm) takes place? After all, this is a valid business relationship. Choose your pill wisely.
Nothing will break, just think of multi-homing where two service providers announce the prefix out of their AS. Or just before a ROA expires a replacement should be installed beforehand to prevent ending up with an "invalid" during the origin validation. Again, I think it is worthwhile to mention that it takes only one ROA to declare the origin validation as valid. Oliver _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr