On Tue, 2011-02-01 at 14:51 -0800, Owen DeLong wrote:
If the RIR is signing the "invalid" ROA, how does one distinguish the invalid from the valid?
In systems where the outputs from a computer system are very, very critical, a sort of "consensus" takes place (I think they did this in some space flights too) - two of three independent systems have to agree that the information is correct before it can be acted upon. Perhaps there is room at the top level for some such mechanism in RPKI? That is, treat "the top" not as being one RIR, but as a confederation of RIRs, possibly all with the SAME key. If different keys start appearing, the one that comes from the most RIRs is considered correct, and the other(s) as mavericks. But I'm speaking from a very deep well of ignorance about RPKI. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) +61-2-64957160 (h) http://www.biplane.com.au/kauer/ +61-428-957160 (mob) GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687 Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156