[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Reaching out to ARIN members about their RPKI INVALID prefixes
Personally, since all RPKI accomplishes is providing a cryptographically signed notation of origin ASNs that hijackers should prepend to their announcements in order to create an aura of credibility, I think we should stop throwing resources down this rathole.
Owen
> On Sep 18, 2018, at 4:56 AM, nusenu <nusenu-lists at riseup.net> wrote:
>
> Dear NANOG,
>
> when I approached ARIN about how they feel about reaching out to their members about
> prefixes that are unreachable in a route origin validation (ROV) environment,
> John Curran (CEO ARIN) referred me to you (see email bellow - quoted with permission).
>
> The question I asked ARIN was specifically:
>> Would you be open to reach out to your affected members to inform them about
>> their affected IP prefixes?
>
> John Curran (CEO ARIN) wrote:
>> If there is evidence of community
>> Interest, then ARIN can conduct a community consultation to determine
>> our best role in this area, but you first should encourage discussion
>> within the network operator community at appropriate forums.
>
> So here is my question to the network operator community in the ARIN region to
> gather if there are any (dis)agreements/opinions about such a notification by ARIN:
>
> What do you think about the idea that ARIN actively informs their affected members
> about prefixes that are unreachable in an RPKI ROV environment?
>
> The goal of that outreach/notification would be
> - to reduce the number of broken legacy ROAs from the past
> - reduce the negative impact on reachability of affected members.
>
> looking forward to receiving your feedback!
>
> kind regards,
> nusenu
>
>
>
>
> [1] https://medium.com/@nusenu/towards-cleaning-up-rpki-invalids-d69b03ab8a8c
>
> John Curran wrote:
>> Subject: Reaching out to ARIN members about their RPKI INVALID prefixes
>>
>> Nusenu -
>>
>> Thank you for writing us - the project (and Medium post on same) are
>> quite interesting.
>>
>> I think youâ??ve got several options for pursuing your objectives,
>> including â??
>>
>> 1) Reaching out to parties that already track and report on Internet
>> routing hygiene (e.g. Geoff Huston at http://bgp.potaroo.net, the
>> RPKI validator team at RIPE, the NIST RPKI Deployment monitor -
>> https://rpki-monitor.antd.nist.gov) to see if of them would like to
>> report on this information and/or contact those with invalids)
>>
>> 2) Raising the issue in the ARIN region via the NANOG operator forum
>> - this would make an excellent lightening talk for you (or someone
>> else familiar with it already attending) to speak about at the
>> upcoming NANOG Vancouver meeting. If there is evidence of community
>> Interest, then ARIN can conduct a community consultation to determine
>> our best role in this area, but you first should encourage discussion
>> within the network operator community at appropriate forums. It is
>> not appropriate for ARIN staff to be proposing this additional role
>> for the organization, as we within the ARIN staff follow community
>> direction rather than set it.
>>
>> Thanks! /John
>>
>> John Curran President and CEO ARIN
>>
>
>
>
> --
> https://twitter.com/nusenu_
> https://mastodon.social/@nusenu
>