[152401] in North American Network Operators' Group
Re: rpki vs. secure dns?
daemon@ATHENA.MIT.EDU (Florian Weimer)
Sat Apr 28 05:57:18 2012
From: Florian Weimer <fw@deneb.enyo.de>
To: Paul Vixie <vixie@isc.org>
Date: Sat, 28 Apr 2012 11:56:51 +0200
In-Reply-To: <4F9B181D.30606@isc.org> (Paul Vixie's message of "Fri, 27 Apr
2012 22:05:17 +0000")
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
* Paul Vixie:
> this seems late, compared to the various commitments made to rpki in
> recent years. is anybody taking it seriously?
The idea as such isn't new, this has been floating around for four
years or more, including at least one Internet draft,
draft-donnerhacke-sidr-bgp-verification-dnssec.
I don't know if we can get RPKI to deployment because RIPE and RIPE
NCC have rather serious issues with it. On the other hand, there
doesn't seem to be anything else which keeps RIRs relevant in the
post-scarcity world, so we'll see what happens.
