On Aug 28, 2008, at 3:47 PM, Deepak Jain wrote:
We can go into lots of reasons why the Internet runs this way. I think we can all agree 1) Its amazing it runs as well as it does, and 2) No one has clearly articulated a financial reason for any large organizations to significantly change their interconnection methodologies over the current BCP [that exceeds the costs of doing so].
Until either of those assertions change, the status quo will essentially remain.
Well, there's also been a bit of a chicken and egg problem here - as no formally verifiable authoritative source for who is authorized to originate what IP address space has ever existed, and until that happens, you can't secure the routing system. Fortunately, the RPKI work will address this, and some of the RIRs are working on RPKI implementations now. If there are ways the IRRs can be populated using this information and non-RPKI derived updates can be considered less preferable (whatever that means), then we can get to a better place with the IRRs as a stop gap until a secure routing protocol can actually be deployed. However, without that as a stepping stone, it's an awfully large leap from RPKI directly into a secure inter-domain routing protocol. -danny