[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

Although I support Rpki as a technology, there are legitimate concerns that it could be abused. I now believe that Rpki needs work in this area at IETF level so the concerns are adressed.

I imagine some form of secret sharing among different parties or sme form of key escrow. I am sure that it is not an easy problem, but maybe some progress can be made in this direction.



On Feb 1, 2011, at 7:33 PM, Michael Hallgren <m.hallgren at free.fr> wrote:

> Le mardi 01 f?vrier 2011 ? 12:14 -0500, Christopher Morrow a ?crit : 
>> On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert <millnert at gmail.com> wrote:
>>> Here be dragons,
>> <snip>
>>> It should be fairly obvious, by most recently what's going on in
>>> Egypt, why allowing a government to control the Internet is a Really
>>> Bad Idea.
>> how is the egypt thing related to rPKI?
>> How is the propsed rPKI work related to gov't control?
>>> architecturally/technologically *impossible* for a entity from country
>>> A to via-the-hierarchical-trust-model block a prefix assigned to some
>>> entity in country B, that is assigned by B's RIR and in full
>>> accordance with the RIR policies and in no breach of any contract.
>> countries do not have RIR's, countries have NIR's... regions have RIR's.
> In this context, at least, perhaps the NIR should be considered
> superfluous or redundant? What is the operational rationale behind the
> NIR level? Wouldn't a flatter RIR-LIR structure do just fine?
> mh