Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)
So a possible road to ruin I was thinking of when I mentioned my unease is, to state the obvious, - Some large ISPs do RPKI as it's secure and their government contract says they have to be secure, keep the terrists out, so all directly attached ISP have to do it too kicking off a domino Other large customers will see the government lead and choose the same to meet the corporate governance rules so smaller ISP they use start to fall in line. It'll escalate like the MD5 frenzy, goes global and at some point hits critical mass where some ISP decide the unsigned routes are a risk and they can afford to drop them, like some do with deaggregates now. You get to the state of either you sign or your upstream signs (like L3 IRR proxy entries just a bit harder) or you don't exist. Some other event, like with UK anti CP filters, will happen where it becomes a legal requirement to let someone fiddle and make a kill switch to be used in certain circumstances. Later it gets used in unintended circumstances Our trade of control for security has given us neither. Of course more likely the key renewal will get spam filtered and I'll not notice until we fall off the net, or we forget to pay the RIR invoice on time and get cut off, causing a long outage that I can't fix as quickly as rolling back a router config change. I also wonder about emergency use, post a katrina have we made something that's too hard to bootstrap quickly. Drive slow. brandon
participants (1)
-
Brandon Butterworth