On Aug 14, 2008, at 12:15 PM, <michael.dillon@bt.com> <michael.dillon@bt.com
wrote:
And here I thought IANA handed out ASnums and IP address blocks to ARIN (and RIPE and LACNIC and AfriNIC and APNIC and the IETF for specific protocol requirements)... We are talking Internet operations, not Internet politics.
Indeed.
People don't care where the numbers came from, they care who actually got the rights to use them, and then what those orgs did with the rights, i.e. an IP addr block owner may delegate the rights to announce a subset of their space to a specific ASnum holder.
Yep. And as with DNSSEC, you, as a network operator, get a choice. You can configure a single trust anchor corresponding to the actual address allocation flow and follow a chain of authority down to the leaf (end user or ISP) allocation or you can configure a number of trust anchors and figure out how to deal with cross-certifications resulting from the multiple roots. Ignoring politics, the technically and architecturally cleaner approach is obvious to me. However, as I mentioned, it is challenging to ignore the layer 9 politics. Regards, -drc