In message <2541cadf-4a76-b172-b395-0822f18898f8@bryanfields.net>, Bryan Fields writes:
On 6/6/17 9:13 PM, Mark Andrews wrote:
Getting to that stage requires several companies to simultaneously say "we will no longer accept <list> as valid mechanisms to verify routes announcements. You need to use X or else we won't accept the announcement". Yes, this requires guts to do.
And what of legacy address holders? ARIN will not permit RPKI use of their blocks.
This really doesn't prevent it being used. RPKI could have a forth CA for legacy holders that don't accept ARIN's terms for issuing of RPKI. You just need to co-ordinate yourselves. There is nothing magical about the current three other than they are accepted by everyone. Or we can just abandon IPv4 and its legacy baggage and do it for IPv6. Mark
-- Bryan Fields
727-409-1194 - Voice http://bryanfields.net -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org