[rpd] RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT02

[Nishal Goburdhan]

On 17 Sep 2020, at 12:10, Topsy Bello via RPD wrote:


> Hello

> the current state of the RPKI infrastructure does not provide a 

> sufficient  period between revocation of ROA and notification that a 

> given prefix has been allocated to an organisation which can have a 

> huge effect on the allocation, i therefore do not agree with this 

> policy


please provide the data, to support your spurious claim.

fwiw, i *have* tested revocation propagation times earlier this year.  
we even found a bug with the RPKI system, for ROAs that had expiry dates 
set after 2050 (hi amreesh!  :-)).  my measurement time, between 
revocation of the offensive ROA, (funnily enough, it was an AS0 ROA) and 
the time that my nine relying party caches spread across south africa, 
mauritius, zimbabwe and tanzania updated, was well less than twenty 
minutes at worst.  in fact, 8/9 of them, refreshed accurately within 600 
seconds (10minutes) which is the rfc8210 default.  i could probably have 
made that shorter, but i am too lazy to change default settings.

feel free to replicate, and let us know what your data reveals.  until 
then i am sure you will understand why we treat your assertion as 
specious.
it is easy to make up FUD;  it is not so easy to back that up, with 
data.

-n.