[152425] in North American Network Operators' Group
Re: rpki vs. secure dns?
daemon@ATHENA.MIT.EDU (Nick Hilliard)
Sat Apr 28 13:46:10 2012
X-Envelope-To: nanog@nanog.org
Date: Sat, 28 Apr 2012 18:45:30 +0100
From: Nick Hilliard <nick@foobar.org>
To: Phil Regnauld <regnauld@nsrc.org>
In-Reply-To: <20120428172751.GU36073@macbook.bluepipe.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 28/04/2012 18:27, Phil Regnauld wrote:
> To me that seems like the most obvious problem, but as Alex put it,
> "Everyone has the ability to apply an override on data they do not trust,
> or have a specific local policy for."
So what do you suggest to do with a roa lookup which returns "Invalid"?
Nick
