nanog mailing list archives
Re: RPKI adoption
From: Job Snijders <job () ntt net>
Date: Wed, 14 Aug 2019 13:24:18 +0200
Dear all, On Wed, Aug 14, 2019 at 10:36:44AM +0000, John Curran wrote:
On 14 Aug 2019, at 2:26 AM, Matthew Petach <mpetach () netflight com> wrote:... Now, at the risk of bringing down the ire of the community on my head...ARIN could consider tying the elements together, at least for ARIN members. Add the RPKI terms into the RSA document. You need IP number resources, congratulations, once you sign the RSA, you're covered for RPKI purposes as well.Matthew - Yes indeed - this is one of several potential improvements that we’re also investigating.
I've attempted to produce a humorous world map chart to help clarify there is a degree of asymmetry our community may need to consider: http://instituut.net/~job/screenshots/e079d90a-3047-4034-8e7c-9caf6e387f1a.png The ARIN members (mostly located in the red area) would like all not-ARIN-members (located in the blue area, the rest of the world) to use and honor their ROAs published through ARIN's RPKI service. If not for the purpose of facilitating BGP Origin Validation on as many as possible of Internet's routers to protect one's IP resources, why else would anyone publish RPKI ROAs through their RIR? In other words: ARIN members want something (something very reasonable!) from "the rest of the world", but in order to accomplish that 'something', unfortunately "the rest" needs to agree to the ARIN RPA. This has proven to be somewhat of an adoption barrier. It would be fantastic when "the rest" are not required to do any such thing and the ARIN RPKI TAL can be distributed without restrictions or limitations. I would love to see any solution that removes all potential friction for "the rest of the world", even if that shifts some additional burden to ARIN members themselves; because it's ARIN members that want something from the world, less so the other way around. On Wed, Aug 14, 2019 at 4:42 AM John Curran <jcurran () arin net> wrote:
Interestingly enough, those same indemnification clauses are in the registration services agreement that they already signed but apparently they were not an issue at all when requesting IP address space or receiving a transfer.
Your observation (if correct) indeed is very interesting, and perhaps demonstrates that RPKI business is something between ARIN and ARIN's members, and less so between ARIN and all other potential relaying parties on this planet. Or phrased differently: perhaps only ARIN members should be the ones incurring the cost and burden of reviewing and accepting ARIN's agreements. I'd like to express my appreciation to ARIN's staff & ARIN's Board of Trustees for dedicating their time and resources to research how to improve in this context. Kind regards, Job ps. Ofcourse this map is an oversimplification of the situation, apologies for any inaccuracies.
Current thread:
- Re: RPKI adoption, (continued)
- Re: RPKI adoption Hank Nussbacher (Aug 13)
- Re: RPKI adoption William Herrin (Aug 13)
- Re: RPKI adoption John Curran (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) William Herrin (Aug 13)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) John Curran (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Ronald F. Guilmette (Aug 13)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) John Curran (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Ronald F. Guilmette (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Matthew Petach (Aug 13)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) John Curran (Aug 14)
- Re: RPKI adoption Job Snijders (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Valdis Klētnieks (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) John Curran (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Rubens Kuhl (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Valdis Klētnieks (Aug 14)
- Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Anne P. Mitchell, Esq. (Aug 14)
- RE: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17) Michel Py (Aug 15)
- Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17 Hank Nussbacher (Aug 13)
- Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17 Ronald F. Guilmette (Aug 14)
- Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17 Hank Nussbacher (Aug 14)
- Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17 John Curran (Aug 15)