Thanks for your detailed response John. Further comments inline. On Mon, Aug 5, 2013 at 9:58 PM, John Curran <jcurran@arin.net> wrote:
So, Marcel, please allow me to turn the question around... Do you do you believe that there should be an RPKI Global Trust Anchor? Are you concerned about the potential aggregation of control and risk that may result? (Feel free to answer me privately if you would prefer.)
Having a single root seems like the right way to go. There will always be the threat (real or imagined) of outside interference. For that reason I'm sure there will be a small droid army of independent systems monitoring and studying every change the Global Trust Anchor makes - ready to sound the alarm. It's probably easier to keep an eye on one trust anchor than it is to monitor 5 of them. All the other arguments I've heard are in favour of a one-TA system so I won't repeat them.
At the point in time when we understand the technical architecture being proposed and its implications, we will formally poll the ARIN and NANOG community on the question of whether there is support for having an RPKI Global Trust Anchor. My best estimate is that this will occur near the end of this year, but there's nothing wrong with having some discussion in the meantime if the mailing list is otherwise quiet. :-)
I hope this provides some insight - thank you for asking about it, as it has been too long since any status update on this project (I will work on that as well for the very near future.)
As I said, thanks for the update.
Thanks! /John
John Curran President and CEO ARIN
Marcel