On Apr 2, 2013, at 12:27 PM, Shane Amante <sh...@castlepoint.net> wrote:
> IMO, there is still one key difference. ISP's are _directly_ involved in > receiving such orders, evaluating them for validity, applicability and then > carrying them out. This can also include providing a heads-up to operations > teams, in that SP, that a change in configuration to effect it was > "purposeful", thus saving substantial time + OpEx not trying to track down a > "general connectivity issue" that a customer calls in and reports to the SP. > > OTOH, with the RPKI ... the actions carried out by, for example, an RIR will > have to be without consultation of the ISP(s) with the directly attached > customer, in the case of sealed orders. How does the SP know that a > certificate was revoked due: a) a bug; b) lack of payment to their RIR; or, > c) a lawful order? And, more importantly, could/should/would ISP's act > differently, in terms of routing on their networks in any of those cases? That would suggest that monitoring and alerting aspects of these services are indeed important, but that doesn't appear to be materially different than the risks associated with relying on third-party filter lists, anti- spam blocklists, or IRR data for delivering reliable services today. /John _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
