[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

On Tue, 2011-02-01 at 14:51 -0800, Owen DeLong wrote:
> If the RIR is signing the "invalid" ROA, how does one distinguish the
> invalid from the valid?

In systems where the outputs from a computer system are very, very
critical, a sort of "consensus" takes place (I think they did this in
some space flights too) - two of three independent systems have to agree
that the information is correct before it can be acted upon.

Perhaps there is room at the top level for some such mechanism in RPKI?
That is, treat "the top" not as being one RIR, but as a confederation of
RIRs, possibly all with the SAME key. If different keys start appearing,
the one that comes from the most RIRs is considered correct, and the
other(s) as mavericks.

But I'm speaking from a very deep well of ignorance about RPKI.

Regards, K.

Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/kauer/                   +61-428-957160 (mob)

GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110202/e11152ab/attachment.bin>