[136179] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: A top-down RPKI model a threat to human freedom? (was Re: Level

daemon@ATHENA.MIT.EDU (Alex Band)
Tue Feb 1 17:05:13 2011

From: Alex Band <alexb@ripe.net>
In-Reply-To: <35655C23-B950-4F5B-A63A-0CCAB7442859@delong.com>
Date: Tue, 1 Feb 2011 22:57:45 +0100
To: Owen DeLong <owen@delong.com>
Cc: carlos@lacnic.net, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


--Apple-Mail-7-462685717
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii


On 1 Feb 2011, at 22:20, Owen DeLong wrote:

>=20
> On Feb 1, 2011, at 9:14 AM, Christopher Morrow wrote:
>=20
>> On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert <millnert@gmail.com> =
wrote:
>>> Here be dragons,
>> <snip>
>>> It should be fairly obvious, by most recently what's going on in
>>> Egypt, why allowing a government to control the Internet is a Really
>>> Bad Idea.
>>>=20
>>=20
>> how is the egypt thing related to rPKI?
>> How is the propsed rPKI work related to gov't control?
>>=20
> RPKI is a big knob governments might be tempted to turn.

Of course we looked into this, cause we're running our service from =
Amsterdam, the Netherlands. The possibilities for law enforcement =
agencies to take measures against the Resource Certification service run =
by the RIPE NCC are extremely limited. Under Dutch law, the process of =
certification, as well as resource certificates themselves, do not =
qualify as goods that are capable of being confiscated.

Then of course, the decision making process always lies in the hands of =
the network operator. Only if a government would mandate an ISP to =
respect an invalid ROA and drop the route, it would be effective.=20

So *both* these things would have to happen before there is an =
operational issue. Like you've seen in Egypt, pulling the plug is =
easier...

YMMV on your side of the pond.

Alex Band
Product Manager, RIPE NCC=

--Apple-Mail-7-462685717
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDrDCCA6gw
ggMRoAMCAQICAgFiMA0GCSqGSIb3DQEBBAUAMIGFMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9v
cmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMREwDwYDVQQKEwhSSVBFIE5DQzEMMAoGA1UE
CxMDT1BTMQwwCgYDVQQDEwNDQTIxGzAZBgkqhkiG9w0BCQEWDG9wc0ByaXBlLm5ldDAeFw0xMTAx
MTIxMzUxMzZaFw0yMTAxMDkxMzUxMzZaMHgxCzAJBgNVBAYTAk5MMRYwFAYDVQQIEw1Ob29yZC1I
b2xsYW5kMREwDwYDVQQKEwhSSVBFIE5DQzELMAkGA1UECxMCVFMxEjAQBgNVBAMTCUFsZXggQmFu
ZDEdMBsGCSqGSIb3DQEJARYOYWxleGJAcmlwZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
AoGBALC2BQ1PfI/Mbg3yW4hPvFDMxkP+/uATU5b8QRM+dWcrYH7OW7LOFh5UE+oXhmCllp+9Umr8
06HHRC+LtokdHIqTv55GEGERDuQ1CH+67DbzUPisymKXlhOBUkDe5b+Nkm1E4nU40IoWj1r7opA4
iCV5jDY5K+W0E/pbVTyjiGZbAgMBAAGjggExMIIBLTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUITctKaBZgfQAULQjw80a
JzbGJHIwgbIGA1UdIwSBqjCBp4AUviRV1EFXFxVsA8ildF9OwyDKY9ihgYukgYgwgYUxCzAJBgNV
BAYTAk5MMRYwFAYDVQQIEw1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHEwlBbXN0ZXJkYW0xETAPBgNV
BAoTCFJJUEUgTkNDMQwwCgYDVQQLEwNPUFMxDDAKBgNVBAMTA0NBMjEbMBkGCSqGSIb3DQEJARYM
b3BzQHJpcGUubmV0ggEAMB4GA1UdEQQXMBWCE2UzLTIuc2luZ3cucmlwZS5uZXQwDQYJKoZIhvcN
AQEEBQADgYEALLrocn+CoCp4UrtWJQ3i3bzbBfUcAczXK/A+hAq0c34yByLFd1HijR5HnLH/Cusx
UYlvA19wKaknJmNMD+euK48Q3oYHz1xNgUr3y0bvZxshAVc/ShnahPYdADblmqY4Ppv0UT57D0lf
YqBEE5arABTOyI/Bngsq3FBWQX5N36cxggLWMIIC0gIBATCBjDCBhTELMAkGA1UEBhMCTkwxFjAU
BgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFtc3RlcmRhbTERMA8GA1UEChMIUklQRSBO
Q0MxDDAKBgNVBAsTA09QUzEMMAoGA1UEAxMDQ0EyMRswGQYJKoZIhvcNAQkBFgxvcHNAcmlwZS5u
ZXQCAgFiMAkGBSsOAwIaBQCgggGfMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN
AQkFMQ8XDTExMDIwMTIxNTc0NVowIwYJKoZIhvcNAQkEMRYEFN3Odyy1UcoLURL+XHSANVngpukg
MIGdBgkrBgEEAYI3EAQxgY8wgYwwgYUxCzAJBgNVBAYTAk5MMRYwFAYDVQQIEw1Ob29yZC1Ib2xs
YW5kMRIwEAYDVQQHEwlBbXN0ZXJkYW0xETAPBgNVBAoTCFJJUEUgTkNDMQwwCgYDVQQLEwNPUFMx
DDAKBgNVBAMTA0NBMjEbMBkGCSqGSIb3DQEJARYMb3BzQHJpcGUubmV0AgIBYjCBnwYLKoZIhvcN
AQkQAgsxgY+ggYwwgYUxCzAJBgNVBAYTAk5MMRYwFAYDVQQIEw1Ob29yZC1Ib2xsYW5kMRIwEAYD
VQQHEwlBbXN0ZXJkYW0xETAPBgNVBAoTCFJJUEUgTkNDMQwwCgYDVQQLEwNPUFMxDDAKBgNVBAMT
A0NBMjEbMBkGCSqGSIb3DQEJARYMb3BzQHJpcGUubmV0AgIBYjANBgkqhkiG9w0BAQEFAASBgDCp
gSIRTJYLOO3OYkBNVe397F1tVd4VQHb9AGmKbkNDyogS6644IpGjagmW8mHnoPz1T5knERDodGKQ
LICK0pb8eGB1bUvGy+z2X9vGB1uh8ZNRNbTJuB3Pw07+LNkXBDC8fX7Emr+N8pA5LGemFg4sO5dd
MATG5DsoMLiPmHeuAAAAAAAA

--Apple-Mail-7-462685717--


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[136179] in North American Network Operators' Group

Re: A top-down RPKI model a threat to human freedom? (was Re: Level

daemon@ATHENA.MIT.EDU (Alex Band)Tue Feb 1 17:05:13 2011

daemon@ATHENA.MIT.EDU (Alex Band)
Tue Feb 1 17:05:13 2011