Danny, On Aug 14, 2008, at 8:29 PM, Danny McPherson wrote:
On Aug 14, 2008, at 9:47 AM, brett watson wrote:
We're lacking the authority and delegation model that DNS has, I think? If one were to ignore layer 9 politics, it could be argued the authority/delegation models between DNS and address space are quite analogous. TODAY IANA has an operational role in DNS, they don't have an operational role in Internet routing.
Yep. IANA does indeed have a limited operational role in the DNS (in that currently IANA directly operates .int, ip6.arpa, urn.arpa, uri.arpa, and iris.arpa) and no direct operational role in routing. Of course, the statement was about the authority and delegation model, not about operational roles.
This is certainly not layer 9, and most certainly the most fundamental change to the Internet routing system that RPKI or similar systems would introduce.
Not sure it is 'the most fundamental change', but it is indeed a significant change. That's sort of the point: RPKI is designed to allow for validation which isn't possible now.
To be clear: IANA and RIRs allocate or assign address space today, they don't control any routing on the Internet (and their own internal ASNs and IPs don't count).
Indeed. And if RPKI is deployed in a way that is useful for validation of routing announcements in real time, this will obviously change, regardless of whether there is a single root for the address space or multiple roots. However, it seems to me that the decision as to whether there is a single root or multiple roots is deeply rooted (pun intended) in layer 9. But perhaps that's just me. Regards, -drc