[135400] in North American Network Operators' Group
Re: [arin-announce] ARIN Resource Certification Update
daemon@ATHENA.MIT.EDU (Danny McPherson)
Mon Jan 24 20:41:11 2011
From: Danny McPherson <danny@tcb.net>
In-Reply-To: <m2wrltpy3v.wl%randy@psg.com>
Date: Mon, 24 Jan 2011 20:41:06 -0500
To: "NANOG Operators' Group" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 24, 2011, at 8:32 PM, Randy Bush wrote:
> let's wind the wayback machine to 1998
>
> http://tools.ietf.org/html/draft-bates-bgp4-nlri-orig-verif-00
Yep, read that way back when it was posted initially, and again
a short while back, makes good sense, methinks.
And now that DNSSEC is deployed and DANE is happening,
you could even include certificates there in the event that relying
parties want to employ them for dynamic secure routing in the
future and we wouldn't have to build (or deal with the operational
and political hurdles that are sure to arise) with RPKI at all.
-danny
