[rpd] Last Call - RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT03.

[Fernando Frediani]

If there is a problem to understand how this policy prevents hijacking 
then there is a fundamental problem to understand how RPKI and ASN0 ROAs 
work.

RIR mission goes beyond just register and allocate number resources, 
just read section 3 of Afrinic bylaws. Need to stop saying these type of 
simplifications.

In any way AfriNic will no "inject data" that is not due. It already 
manages and runs a RPKI TA that any organization can *optionally use* in 
order to eliminate the effects of hijacking. This policy only allows 
AfriNic to add information about the unused resources *under its 
responsability* in order to let others know and use this information as 
necessary.

Regards
Fernando

On 06/06/2021 14:24, aziz halim wrote:

> +1 Anthony.

>

> I’d also like to add that this policy should go back to discussion for 

> the simple reason that it completely misreads the main role of RIRs. 

> More precisely, and as many individuals have commented on the PPM, 

> RIRs have nothing to do with the resource routing process, it is safe 

> to say that it is totally out of their mandate scope. Their one and 

> only mission is to properly register and allocate number resources to 

> end-users.

>

> Correspondingly, the implementation of this policy will increase the 

> chances of committing routing errors, which can potentially hinder 

> network functioning. In fact, AFRINIC staff has a history in 

> committing such technical mistakes, jeopardizing networks. It is 

> simply not in AFRINIC’s mandate to inject data into the routing 

> database. Plus, the following concern that has been raised during the 

> meeting still remains unaddressed : how does this policy prevents 

> hijacking as it’s intended to do ?

>

> On Sun, Jun 6, 2021, 16:48 Anthony Ubah <ubah.tonyiyke at gmail.com 

> <mailto:ubah.tonyiyke at gmail.com>> wrote:

>

>     Dear PDWG,

>

>     Regarding this policy, I didn't throw my weight on it for one

>     reason. There is a gray area which requires clarity and may turn

>     around to hunt service providers and resource owner in the long run.

>     I directed a question to the Legal team at the hearing of this

>     policy, multiple times, and it was inexplicably ignored by Jordi,

>     the Co-chairs and perhaps the legal team, and I still sought

>     clarity on it.

>

>     My question remains; In a situation where, due to human or machine

>     error AS0 is injected by AFRINIC on already assigned resources,

>     and expectedly this result in service disconnection, thus DOS,

>     causing an SLA breach with service end users. *Who bears the final

>     brunt for the consequences (e.g.poor QoS, fines, revenue cut, and

>     loss of customers), Afrinic or resource owner?*

>

>     I still insist this policy isn't ripe, because;

>     1. The Legal team must include this on the impact assessment,

>     clearly stating responsibility for liability.

>     2. The policy must include text stating these policies and

>     mitigation plans.

>     3. Since it has become a trend to follow other RIRs, why do you

>     think most have rejected this policy so far?

>     4. How did the RIRs who have adopted this policy tackled this

>     scenario legally?

>

>     *Best Regards,*

>

>     *Anthony Ubah *

>

>

>

>     On Fri, Jun 4, 2021 at 11:00 AM PDWG Chair

>     <dacostadarwin at gmail.com <mailto:dacostadarwin at gmail.com>> wrote:

>

>         Dear PDWG,

>

>         This is to announce the official start of the last call period

>         for the following policy proposal (in line with the 

>         provisions of the CPM):

>

>         RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space

>         AFPUB-2019-GEN-006-DRAFT03

>         URL: https://afrinic.net/policy/proposals/2019-gen-006-d3

>         <https://afrinic.net/policy/proposals/2019-gen-006-d3>

>

>         The proposal reached rough consensus at the Public Policy

>         Meeting held 2-3 June 2021 in online format. This last call

>         period will run for a period of two weeks as a minimum. The

>         closing date will be communicated to the mailing list

>         depending on the feedback received.

>

>         Regards,

>         PDWG Co-Chairs.

>

>         _______________________________________________

>         RPD mailing list

>         RPD at afrinic.net <mailto:RPD at afrinic.net>

>         https://lists.afrinic.net/mailman/listinfo/rpd

>         <https://lists.afrinic.net/mailman/listinfo/rpd>

>

>     _______________________________________________

>     RPD mailing list

>     RPD at afrinic.net <mailto:RPD at afrinic.net>

>     https://lists.afrinic.net/mailman/listinfo/rpd

>     <https://lists.afrinic.net/mailman/listinfo/rpd>

>

>

> _______________________________________________

> RPD mailing list

> RPD at afrinic.net

> https://lists.afrinic.net/mailman/listinfo/rpd

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20210606/995eb717/attachment-0001.html>