[rpd] Last Call - RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT03.
Job Snijders
job at fastly.com
Sat Jun 12 12:15:02 UTC 2021
On Sat, Jun 12, 2021 at 01:18:39PM +0200, Nishal Goburdhan wrote:
> which roughly equates to: what’s bad about having unallocated space be
> marked as AS0?

It introduces new failure modes that previously did not exist. It
introduces failure modes that do not *need* to exist.

A relevant example from a few months ago, at another RIR:

"On Wednesday, 16 December 2020 from 18:00-19:00 (UTC+1), some legacy
resources lost their contractual status in our internal systems. The
result of this was that the RPKI ROAs for these resources were
revoked."

It is of course suboptimal to lose your ROAs for a period of time,
because during that period of time you are not enjoying the protection
of BGP Origin Validation.

But... It is an entirely different matter if in such a situation not
only your ROAs disappear, but your resources are added to the AS 0 TAL -
automatically, and the internet starts rejecting your BGP routes.

Deregistration (for ANY reason) - leads to IP blackholing!

When analysing cybersecurity proposals, we have to gauge the reward/risk
ratio, and based on my experiences so far with RPKI, this policy does
not look good. We should not create a situation where the consequences
of small errors are amplified into internet-wide outages.

Kind regards,

Job
[1]: https://www.ripe.net/support/service-announcements/rpki-roas-deleted-for-some-legacy-resources
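
The failure mode described in the message above, as an added example that is not part of the original email: RFC 6811 origin validation run over the same route when its ROA is merely revoked versus when an AS0 ROA also covers it. The prefix, ASN, ROA contents and the "drop only invalid" router policy are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple

class VRP(NamedTuple):          # validated ROA payload
    prefix: str
    max_length: int
    asn: int                    # 0 means "no AS may originate this" (RFC 6483)

def validate(route: str, origin: int, vrps: list) -> str:
    """RFC 6811 route origin validation: valid / invalid / not-found."""
    net = ipaddress.ip_network(route)
    covered = False
    for v in vrps:
        roa_net = ipaddress.ip_network(v.prefix)
        if net.version != roa_net.version or not net.subnet_of(roa_net):
            continue
        covered = True          # at least one VRP covers the route
        if v.asn != 0 and v.asn == origin and net.prefixlen <= v.max_length:
            return "valid"
    return "invalid" if covered else "not-found"

def accepted(state: str) -> bool:
    # Assumed router policy: drop only "invalid" routes, keep the rest.
    return state != "invalid"

# Constructed sample data: documentation prefix and documentation ASN.
ROUTE, ORIGIN = "192.0.2.0/24", 64500
MEMBER_ROA = VRP("192.0.2.0/24", 24, 64500)
AS0_ROA = VRP("192.0.2.0/24", 32, 0)   # hypothetical registry-issued AS0 ROA

def scenarios() -> dict:
    cases = {
        "normal": [MEMBER_ROA],
        "roa_revoked": [],                       # registry error, no AS0 policy
        "roa_revoked_and_as0": [AS0_ROA],        # same error under the AS0 policy
        "member_roa_plus_as0": [MEMBER_ROA, AS0_ROA],
    }
    out = {}
    for name, vrps in cases.items():
        state = validate(ROUTE, ORIGIN, vrps)
        out[name] = (state, accepted(state))
    return out

if __name__ == "__main__":
    for name, (state, ok) in scenarios().items():
        print(f"{name:22} {state:10} {'accepted' if ok else 'REJECTED'}")
```

The same registry error yields "not-found" (route still accepted) without the AS0 ROA and "invalid" (route dropped) with it; an AS0 ROA alongside a matching member ROA leaves the route valid.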