[135415] in North American Network Operators' Group
Re: [arin-announce] ARIN Resource Certification Update
daemon@ATHENA.MIT.EDU (Danny McPherson)
Mon Jan 24 21:43:21 2011
From: Danny McPherson <danny@tcb.net>
In-Reply-To: <AANLkTimv+d0RjMAa+j1oHDrj66Co-_5ApFT4JrvZMVJd@mail.gmail.com>
Date: Mon, 24 Jan 2011 21:42:31 -0500
To: "NANOG Operators' Group" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 24, 2011, at 9:21 PM, Richard Barnes wrote:
> The more you have to invent, though, the more this sounds like a
> bike-shed discussion.
> s/DNSSEC/X.509/g
> s/delegating reverse "prefix" zone/signing RPKI delegation certificate/g
The difference is that we don't have an operational RPKI system, we
do have an operational DNS one.
It's most certainly NOT a bike shed discussion - at least with respect
to how I'd configure my routers.
I suspect I've sufficiently chummed the waters, I'll kick back and absorb
all the reasons this is a whack idea :)
-danny
