Re: Your Input Needed: Can ROA Replace LOA? – Short Survey (7 mins)

[Tom Beecher <beecher () beecher cc>]

> <citation required>

In a decade working on the SP side of the world, I worked with prob 20
different upstream carriers. I can only think of one that required LOA to
accept prefixes via BGP. Everyone else was via RIR methods, or nothing.
There are of course providers out there that do, but not nearly as many to
state it's a "primary use case", especially relative to #1 and #2 on your
list.




On Thu, Nov 16, 2023 at 11:18 AM Christopher Morrow <morrowc.lists () gmail com>
wrote:

> On Thu, Nov 16, 2023 at 10:22 AM Tom Beecher <beecher () beecher cc> wrote:
> > > In the service provider industry, its primary use is for advertising
> address resources (IPv4/v6 and ASN)
> > Not really.
>
> <citation required>
>
> I would think there are a few uses of LOA in the telco/SP world, at least:
>
>   1) 'can I make this cross-connect happen?'
>   2) 'can I do some work on this link/path/fiber/conduit on behalf of
> <customerX> where the entity to be worked on is <providerY>
> infrastructure'
>   3) 'Please accept this internet number resource from <customerX>
> when the number resource is authorized for use by <entityA>'
>
> I would love to see ROA take over the 3rd of those, since it's a clear
> indicator that:
>   "RIR authorizes LIR to use <number resource>, LIR authorizes
> AS-OWNER to originate <number resource>"
>
> and by 'clear indicator' I mean: "has some cryptographic/PKI backing
> you can follow to the RIR in an automated fashion"
> Where 'LOA' generally is a xerox of a photocopy of a fax of a
> dot-matrix printed MS-Word templated document which perhaps has an X
> on the 'signature' line...
>
> -chris