Search RPD Archives
[rpd] Last Call - RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT03.
Daniel Yakmut
yakmutd at googlemail.com
Mon Jun 7 22:45:41 UTC 2021
Hi,
Are you postulating here that Resources not allocated are susceptible to
hijack?
My other understanding is an RIR is a resource dispenser.
Simply
Daniel
On Mon, Jun 7, 2021, 11:30 PM Fernando Frediani <fhfrediani at gmail.com>
wrote:
> AfriNic (or any other RIR) is the resource holder for IP space that IANA
> has allocated to it. So who else could secure that space until it is
> assigned to an organization issuing ROAs if not the current resource holder
> ?
>
> Must we have a policy accepted by either RIPE or ARIN first in order to
> accept it in AfriNic afterwards ?
> This is not a worry to the RIR, it is actually an additional guarantee
> that no one else will try to make usage of IP space under its
> responsability.
>
> Fernando
> On 07/06/2021 19:14, Daniel Yakmut via RPD wrote:
>
> Dear Jordi,
>
> Just out of curiosity why has RIPE and ARIN refused to adopt the RPKI ROA
> and make it their responsibility that it is used by resource holder?. I
> will agree that RPKI ROA is a good tool to secure BGP routing, however I
> don't see as the responsibility of an RIR to implement it.
>
> My strong opinion is that any resource holder should be responsible for
> securing its resources and if RPKI ROA is the best way to prevent hijack,
> then it will enjoy patronage. Making it a job of AfriNIC, will possibly be
> going over board.
>
> Responding to my opening question, I believe RIPE and ARIN are not keen on
> accepting your arguments because they are mundane. This means resource
> holders should handle this issue, without making it a worry of the RIR.
>
> In this regard, AfriNIC should concentrate on handling other more
> important issues, hence this policy is not relevant.
>
>
> Simply
>
> Daniel
> On 07/06/2021 6:3pm, JORDI PALET MARTINEZ via RPD wrote:
>
> Ni Mimi,
>
>
>
> No, is not ideological, the legal counsel already confirmed the being
> bookkeepers has many other **related** implications, such as provide a
> trustable source of accurate data, and this is what RPKI and AS0 improve.
>
>
>
> The fact that in RIPE has not been accepted yet is just one more excuse,
> if you compare it with the fact that the other TWO RIRs where it has been
> submitted (APNIC and LACNIC) accepted it and in none of those regions there
> have been any of the excuses and lack of knowledge about RPKI that we are
> hearing here. As I’ve explained already, I don’t think the RIPE chairs
> decision was correct, and we will make sure to resubmit the proposal there
> once a consistent appeal process is available, in case chairs take again a
> wrong decision. Also, then the experience in APNIC, LACNIC and AFRINIC will
> show that those motivations are ridiculous.
>
>
>
> From time to time is good that ARIN and RIPE aren’t the leaders, you don’t
> think so? It shows that very smart people exist in other regions as well!
>
>
>
> Once more, sometimes policies in one or the other region fail to reach
> consensus, but it happens sooner or later.
>
>
>
> If you have a simple and trustable tool such as RPKI to drop invalids, you
> have a better way (if you want) to avoid bad actors to use prefixes that
> don’t belong to them as they are still on the hands of AFRINIC. This is
> just facts. Not ideological, not opinions or personal view points. So yes,
> AS0 avoids, if you operate your network in a consistent way, to be faked
> with prefixes not allocated/assigned by AFRINIC, and thus helps to prevent
> hijacking.
>
>
>
> Regards,
>
> Jordi
>
> @jordipalet
>
>
>
>
>
>
>
> El 7/6/21 18:47, "Mimi dy" <dym5328 at gmail.com> escribió:
>
>
>
> Dear WG,
>
>
>
> I think the issue here is ideological. Many people believe that RIRs are
> mere bookkeepers, and it is not in their mandate to inject data into the
> routing database. That is the reason why RIPE did not approve a similar
> proposal, which I totally agree with. Moreover, I wanted to react to
> Jordi’s statement, saying that these objections are based on practical and
> technical matters. There is not only one routing database, there are many,
> isn’t it kind of messy? And that is not even the main reason why I object
> to this policy.
>
> From another perspective, since people can adjust and control their
> routers, can you precise how this policy can potentially prevent/ reduce
> hijacking?
>
>
>
> Best.
>
> _______________________________________________ RPD mailing list
> RPD at afrinic.net https://lists.afrinic.net/mailman/listinfo/rpd
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be privileged or
> confidential. The information is intended to be for the exclusive use of
> the individual(s) named above and further non-explicilty authorized
> disclosure, copying, distribution or use of the contents of this
> information, even if partially, including attached files, is strictly
> prohibited and will be considered a criminal offense. If you are not the
> intended recipient be aware that any disclosure, copying, distribution or
> use of the contents of this information, even if partially, including
> attached files, is strictly prohibited, will be considered a criminal
> offense, so you must reply to the original sender to inform about this
> communication and delete it.
>
>
> _______________________________________________
> RPD mailing listRPD at afrinic.nethttps://lists.afrinic.net/mailman/listinfo/rpd
>
>
> _______________________________________________
> RPD mailing listRPD at afrinic.nethttps://lists.afrinic.net/mailman/listinfo/rpd
>
> _______________________________________________
> RPD mailing list
> RPD at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/rpd
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20210607/d7fc13f2/attachment.html>
More information about the RPD
mailing list