nanog mailing list archives

Re: rpki vs. secure dns?

From: Randy Bush <randy () psg com>
Date: Wed, 30 May 2012 18:43:53 +0900

I would also ask people to expand their minds beyond the "it must
have a (near-)real-time mechanism" directly coupled to the Control
Plane" for a variety of reasons.  Such a tight coupling of /any/ two
systems inevitably, and unfortunately, will only fail at scale in
ways that likely would never have been predicted a priori[1] --

i think you're paying insufficient attention to this discussion, if
you think that failure predictions have not already been well made
with respect to the rover approach to routing security.


rfc 3439, the most complex document about simplicity you can imagine

randy

Current thread:

Re: rpki vs. secure dns?, (continued)
- - - Re: rpki vs. secure dns? Richard Barnes (May 29)
    - Re: rpki vs. secure dns? Alex Band (May 29)
    - Re: rpki vs. secure dns? Richard Barnes (May 29)
    - Re: rpki vs. secure dns? Paul Vixie (May 29)
    - Re: rpki vs. secure dns? Randy Bush (May 29)
    - Re: rpki vs. secure dns? Randy Bush (May 29)
    - Re: rpki vs. secure dns? Shane Amante (May 29)
    - Re: rpki vs. secure dns? David Conrad (May 29)
    - Re: rpki vs. secure dns? Shane Amante (May 29)
    - Re: rpki vs. secure dns? Paul Vixie (May 29)
    - Re: rpki vs. secure dns? Randy Bush (May 30)
    - Re: rpki vs. secure dns? Stephane Bortzmeyer (May 29)
- Re: rpki vs. secure dns? John Kristoff (May 01)
  - Re: rpki vs. secure dns? Dobbins, Roland (May 01)
- Re: rpki vs. secure dns? Martin Millnert (May 01)