[152436] in North American Network Operators' Group


Re: rpki vs. secure dns?

daemon@ATHENA.MIT.EDU (David Conrad)
Sun Apr 29 16:03:46 2012

From: David Conrad <drc@virtualized.org>
In-Reply-To: <E2519DBA-2A15-48F4-B32C-A8C346BC1AE1@ripe.net>
Date: Sun, 29 Apr 2012 13:03:11 -0700
To: Alex Band <alexb@ripe.net>
Cc: Nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Alex,

On Apr 29, 2012, at 8:16 AM, Alex Band wrote:
> All in all, for an RPKI-specific court order to be effective in taking
> a network offline, the RIR would have to tamper with the registry,
> inject false data and try to make sure it's not detected so nobody
> applies a local override.

I suspect the court order would simply say something like 'RIPE-NCC
must, upon pain of contempt of court, take sufficient steps to
invalidate the allocations made to customer X' and leave it up to you
all to figure out how to do it. I doubt they'd care all that much about
implementation details. Are you saying it is not possible for RIPE-NCC
staff to do this? I also doubt the court would care too much about
'local override' as the "Tyranny of Defaults" would be sufficient for
their needs (and they could probably sanction the folks in the
Netherlands who they discovered did the override).

As Randy points out, this is not unique to SIDR-defined RPKI.  It is
applicable to any top-down hierarchical authorization mechanism.
Security has (non-monetary) costs.

Regards,
-drc


