Dear all, On Wed, Aug 14, 2019 at 10:36:44AM +0000, John Curran wrote:
On 14 Aug 2019, at 2:26 AM, Matthew Petach <mpetach@netflight.com> wrote:
... Now, at the risk of bringing down the ire of the community on my head...ARIN could consider tying the elements together, at least for ARIN members. Add the RPKI terms into the RSA document. You need IP number resources, congratulations, once you sign the RSA, you're covered for RPKI purposes as well.
Matthew -
Yes indeed - this is one of several potential improvements that we’re also investigating.
I've attempted to produce a humorous world map chart to help clarify there is a degree of asymmetry our community may need to consider: http://instituut.net/~job/screenshots/e079d90a-3047-4034-8e7c-9caf6e387f1a.p... The ARIN members (mostly located in the red area) would like all not-ARIN-members (located in the blue area, the rest of the world) to use and honor their ROAs published through ARIN's RPKI service. If not for the purpose of facilitating BGP Origin Validation on as many as possible of Internet's routers to protect one's IP resources, why else would anyone publish RPKI ROAs through their RIR? In other words: ARIN members want something (something very reasonable!) from "the rest of the world", but in order to accomplish that 'something', unfortunately "the rest" needs to agree to the ARIN RPA. This has proven to be somewhat of an adoption barrier. It would be fantastic when "the rest" are not required to do any such thing and the ARIN RPKI TAL can be distributed without restrictions or limitations. I would love to see any solution that removes all potential friction for "the rest of the world", even if that shifts some additional burden to ARIN members themselves; because it's ARIN members that want something from the world, less so the other way around. On Wed, Aug 14, 2019 at 4:42 AM John Curran <jcurran@arin.net> wrote:
Interestingly enough, those same indemnification clauses are in the registration services agreement that they already signed but apparently they were not an issue at all when requesting IP address space or receiving a transfer.
Your observation (if correct) indeed is very interesting, and perhaps demonstrates that RPKI business is something between ARIN and ARIN's members, and less so between ARIN and all other potential relaying parties on this planet. Or phrased differently: perhaps only ARIN members should be the ones incurring the cost and burden of reviewing and accepting ARIN's agreements. I'd like to express my appreciation to ARIN's staff & ARIN's Board of Trustees for dedicating their time and resources to research how to improve in this context. Kind regards, Job ps. Ofcourse this map is an oversimplification of the situation, apologies for any inaccuracies.