[136175] in North American Network Operators' Group
Re: A top-down RPKI model a threat to human freedom? (was Re: Level
daemon@ATHENA.MIT.EDU (Arturo Servin)
Tue Feb 1 16:55:48 2011
From: Arturo Servin <arturo.servin@gmail.com>
In-Reply-To: <AC42C884-74B0-4CF2-91B6-F35A1044A141@queuefull.net>
Date: Tue, 1 Feb 2011 16:43:43 -0500
To: NANOG Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
=09
Is it really a better alternative? Do we want to pay the cost of =
a fully distributed RPKI architecture?
Or do we just abandon the idea of protecting the routing =
infrastructure?
There is no free-lunch, we just need to select the price that we =
want to pay.
-as
On 1 Feb 2011, at 16:29, Benson Schliesser wrote:
>=20
> On Feb 1, 2011, at 11:14 AM, Christopher Morrow wrote:
>=20
>> On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert <millnert@gmail.com> =
wrote:
>>> Here be dragons,
>> <snip>
>>> It should be fairly obvious, by most recently what's going on in
>>> Egypt, why allowing a government to control the Internet is a Really
>>> Bad Idea.
>>>=20
>>=20
>> how is the egypt thing related to rPKI?
>> How is the propsed rPKI work related to gov't control?
>=20
> In theory at least, entities closer to the RPKI root (RIRs, IANA) =
could invalidate routes for any sort of policy reasons. This might =
provide leverage to certain governments, perhaps even offering the =
ability to control routing beyond their jurisdiction.
>=20
> As an example, it's imaginable that the US government could require =
IANA or ARIN to delegate authority to the NSA for a Canadian ISP's =
routes. Feel free to replace the RIR/LIR and country names, to suit =
your own example.
>=20
> Cheers,
> -Benson
>=20
>=20
