Speaking as a regular ol' member >It seems, to me, that if the RPKI can't be used to actually validate who >owns what route with certainty, we're going to a lot of trouble for >nothing... Or maybe folks are trying to have their cake and eat it to. >"We'll provide solid security which you can ignore if you like, no >problem."
Routing policy has always been left to the local operator. You suggest a change to a mandated global common policy. I don't think that could ever fly with the operators. >I know this goes back to the difference between "unknown," and >"invalid," but if all address space which no-one actually claims is open >for whatever use anyone wants, then are we really making any progress in >any meaningful way? So a flag day would be preferable, when everyone would be required to have certified their address space? If not, incremental deployment requires handling the case of "no-one actually claims" the space. For the "no-one actually claims" space, that space will be subject to the same attacks as exist now. Pretty much the same with any new but unused protection system. --Sandy, speaking as regular ol' member _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
