nanog mailing list archives
Re: rpki vs. secure dns?
From: Randy Bush <randy () psg com>
Date: Wed, 30 May 2012 18:43:53 +0900
I would also ask people to expand their minds beyond the "it must have a (near-)real-time mechanism" directly coupled to the Control Plane" for a variety of reasons. Such a tight coupling of /any/ two systems inevitably, and unfortunately, will only fail at scale in ways that likely would never have been predicted a priori[1] --i think you're paying insufficient attention to this discussion, if you think that failure predictions have not already been well made with respect to the rover approach to routing security.
rfc 3439, the most complex document about simplicity you can imagine randy
Current thread:
- Re: rpki vs. secure dns?, (continued)
- Re: rpki vs. secure dns? Richard Barnes (May 29)
- Re: rpki vs. secure dns? Alex Band (May 29)
- Re: rpki vs. secure dns? Richard Barnes (May 29)
- Re: rpki vs. secure dns? Paul Vixie (May 29)
- Re: rpki vs. secure dns? Randy Bush (May 29)
- Re: rpki vs. secure dns? Randy Bush (May 29)
- Re: rpki vs. secure dns? Shane Amante (May 29)
- Re: rpki vs. secure dns? David Conrad (May 29)
- Re: rpki vs. secure dns? Shane Amante (May 29)
- Re: rpki vs. secure dns? Paul Vixie (May 29)
- Re: rpki vs. secure dns? Randy Bush (May 30)
- Re: rpki vs. secure dns? Stephane Bortzmeyer (May 29)
- Re: rpki vs. secure dns? Dobbins, Roland (May 01)