nanog mailing list archives
Re: Reaching out to ARIN members about their RPKI INVALID prefixes
From: Owen DeLong <owen () delong com>
Date: Wed, 19 Sep 2018 18:02:27 -0700
On Sep 19, 2018, at 00:46 , nusenu <nusenu-lists () riseup net> wrote: Owen DeLong:Personally, since all RPKI accomplishes is providing a cryptographically signed notation of origin ASNs that hijackers should prepend to their announcements in order to create an aura of credibility, I think we should stop throwing resources down this rathole.regardless of how one might think about RPKI, there are ROAs out there that reduce the visibility/reachability of certain prefixes and the general assumption is that announced prefixes would like to be reachable even if the operator doesn't care about RPKI and ROAs from the past anymore, he most likely cares about reachability from a pure operational point of view.
Yep… And the easy recipe for one which doesn’t care about RPKI to restore reachability is “delete the ROAs”.
my email was not about: "How much does one like RPKI?”
I have no impression that it was. I thought it was about “Should we consume more RIR resources dealing with this additional pain likely to be caused by RPKI?”
it is about whether it is acceptable that RIRs (and more specifically ARIN in this mailing list's context) notify affected parties of their prefixes that suffer from stale ROAs.
I agree with Mr. Morrow that this would end in pain.
Even if one dislikes RPKI entirely the opinion could still be "yes notifying those parties makes sense to restore reachability”.
Agreed. However, whether I liked RPKI or not, I’d still say that notification by the RIRs is prone to sadness. My initial intent was merely to state that I prefer the RIRs not waste additional resources on this, including notification. Owen
Current thread:
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes, (continued)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Job Snijders (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 19)
- RE: Reaching out to ARIN members about their RPKI INVALID prefixes Phil Lavin (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Alex Band (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Owen DeLong (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Owen DeLong (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Owen DeLong (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 18)