On 20/Apr/20 17:08, Andrey Kostin wrote:
Hi Nanog list,
Would be interesting to hear your opinion on this: https://isbgpsafeyet.com/
From a practical standpoint, this doesn't actually tell the whole truth in our case because we do not accept the ARIN TAL. Given that this system is "ARIN-based", it says we aren't safe. Swiftly moving on...
We have cases when residential customers ask support "why is your service isn't safe?" pointing to that article. It's difficult to answer correctly considering that the asking person usually doesn't know what BGP is and what it's used for, save for understanding it's function, design and possible misuses. IMO, on one hand it promotes and is aimed to push RPKI deployment, on the other hand is this a proper way for it? How ethical is to claim other market players unsafe, considering that scope of possible impact of not implementing it has completely different scale for a small stub network and big transit provider?
On count two, my experience with doing the RPKI deployathon in Melbourne during this past APRICOT led to some random news web site talking about how "I would be shedding all invalid routes blah blah", which while not untrue, had locals all the way in South Africa asking if the Internet was going to collapse. So while I think these initiatives are useful, considering that information has been democratized to such an extent that it is now a commodity, we might do well to consider the fallout for folk that do not know (or care) about how the Internet works, but know that their lives depend on it, and what that means for our individual SNR's. Mark.