Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] Last Call - RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT03.

PDWG Chair dacostadarwin at gmail.com
Wed Jul 21 17:42:28 UTC 2021


Dear AFRINIC PDWG,

This is to announce closure of the last call period for the proposal “RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space”, AFPUB-2019-GEN-006-DRAFT03.

The discussions in the RPD mailing list during the Last Call period have been considered and the concerns raised by the PDWG having been addressed. The Co-chairs uphold the consensus status that was reported after the last AFRINIC-33 Public Policy Meeting.

As the PDWG Chairs, we will shortly send a report to the Board for ratification.

Thank you for your participation in this process.

Regards,
Vincent Ngundi & Darwin Da Costa
AFRINIC PDWG CO-CHAIRS.



> On 17 Jun 2021, at 17:17, PDWG Chair <dacostadarwin at gmail.com> wrote:

>

> Dear PDWG,

>

> We hereby extend the Last Call period for this draft policy proposal by two weeks to Saturday 3rd July 2021 at 2359UTC.

>

> This will allow the following:

>

> 1. The AFRINIC Secretariat to respond to the operational/implementation concerns that have been raised by the PDWG. This will be done on or before Wednesday 23rd June 2021.

>

> 2. Thereafter, give the PDWG time to review the response from the AFRINIC Secretariat and further engage on the same, among other resultant matters.

>

> Regards,

> Vincent Ngundi & Darwin Da Costa

> AFRINIC PDWG CO-CHAIRS

>

>

>

>> On 8 Jun 2021, at 15:58, PDWG Chair <vincent at ngundi.me.ke <mailto:vincent at ngundi.me.ke>> wrote:

>>

>> Dear PDWG,

>>

>> Following the commencement of the Last Call period on 5th June 2021, we have noted some concerns that have been raised by some members of the PDWG. As Co-Chairs, and following a review and analysis of the responses, we have concluded that all the concerns raised have been adequately addressed by either the authors of this policy proposal, or by other members of the PDWG.

>>

>> We therefore encourage participants to engage in, and pursue, any editorial changes to the policy proposal as well as any contentious issues that are objective and founded on proper justifications.

>>

>> We also remind the community to adhere to the AfriNIC Code of Conduct (https://www.afrinic.net/code <https://www.afrinic.net/code>) in order to ensure that our deliberations remain professional, respectful and appropriate at all times.

>>

>> Finally, we wish to inform the PDWG that the Last Call period closes on 19th June 2021 at 2359UTC.

>>

>> Regards,

>> Vincent Ngundi & Darwin Da Costa

>> AFRINIC PDWG CO-Chairs

>>

>>

>> On 08/06/2021 16:21, jeffery_sky via RPD wrote:

>>>

>>> Hello,

>>> To clarify, these concerns are becoming repetitive due to the lack of adequate responses from the concerned stakeholders. Also, I want to address the fact that the real problem here is not RPKI in any way. What is really bothering me is that RIR is injecting its own data into RPKI, which makes the previous argument about how signing space is invalid.Further, the usage of RPKI will lead toAS0 all unallocated space for you. Consequently, the routing changes.

>>> I understand that some of these concerns are repeated, but I think it is because they were not addressed properly. The responses provided are mainly vague and it seems to me that you are dodging the comments by bringing the Last call phase procedure and calling out the PDWG co-chairs.

>>> The last call phase is dedicated to this type of discussions, and if several people are not convinced, it simply means that the co-authors should try providing insightful responses that go straight to the point, not vague ones. If this vicious cycle and the lack of proper answers continues, consensus will never happen, and the policy cannot be implemented. Also, most of the raised objections have nothing to do with technicalities, therefore, they are meant to be discussed on the RPD. Finally, the arguments you perceive repeated, have not been received accurate replies, which means they will keep popping out. Consequently, the best thing to do, is to dig deeper in this proposal, instead of labelling the arguments as invalid.In the hope of receiving insightful answers...

>>>

>>> Best.

>>>

>>>

>>> On Tuesday, June 8, 2021, 9:40:10 PM GMT+9, Fernando Frediani <fhfrediani at gmail.com> <mailto:fhfrediani at gmail.com> wrote:

>>>

>>>

>>> +1

>>>

>>> Excelent and simple answer.

>>>

>>> Em 6/8/2021 3:01 AM, Frank Habicht escreveu:

>>> > Hi

>>> >

>>> > On 08/06/2021 01:45, Daniel Yakmut via RPD wrote:

>>> >> Hi,

>>> >>

>>> >> Are you postulating here that Resources not allocated are susceptible to

>>> >> hijack?

>>> > - resources are susceptible to hijack.

>>> > - if a ROA with AS0 was published for an unallocated resource, it would

>>> > be less susceptible to hijack.

>>> >

>>> >

>>> >> My other understanding is an RIR is a resource dispenser.

>>> > When I get my next resource from AfriNIC, I will prefer one that was not

>>> > previously hijacked and used for spamming and network abuse, and got

>>> > blacklisted and a bad reputation everywhere.

>>> >

>>> > What about you?

>>> >

>>> >

>>> > Thanks,

>>> > Frank

>>> >

>>> >

>>> >> Simply

>>> >> Daniel

>>> >>

>>> >> On Mon, Jun 7, 2021, 11:30 PM Fernando Frediani <fhfrediani at gmail.com <mailto:fhfrediani at gmail.com>

>>> >> <mailto:fhfrediani at gmail.com <mailto:fhfrediani at gmail.com>>> wrote:

>>> >>

>>> >> AfriNic (or any other RIR) is the resource holder for IP space that

>>> >> IANA has allocated to it. So who else could secure that space until

>>> >> it is assigned to an organization issuing ROAs if not the current

>>> >> resource holder ?

>>> >>

>>> >> Must we have a policy accepted by either RIPE or ARIN first in order

>>> >> to accept it in AfriNic afterwards ?

>>> >> This is not a worry to the RIR, it is actually an additional

>>> >> guarantee that no one else will try to make usage of IP space under

>>> >> its responsability.

>>> >>

>>> >> Fernando

>>> >>

>>> >> On 07/06/2021 19:14, Daniel Yakmut via RPD wrote:

>>> >>> Dear Jordi,

>>> >>>

>>> >>> Just out of curiosity why has RIPE and ARIN refused to adopt the

>>> >>> RPKI ROA and make it their responsibility that it is used by

>>> >>> resource holder?. I will agree that RPKI ROA is a good tool to

>>> >>> secure BGP routing, however I don't see as the responsibility of

>>> >>> an RIR to implement it.

>>> >>>

>>> >>> My strong opinion is that any resource holder should be

>>> >>> responsible for securing its resources and if RPKI ROA is the best

>>> >>> way to prevent hijack, then it will enjoy patronage. Making it a

>>> >>> job of AfriNIC, will possibly be going over board.

>>> >>>

>>> >>> Responding to my opening question, I believe RIPE and ARIN are not

>>> >>> keen on accepting your arguments because they are mundane. This

>>> >>> means resource holders should handle this issue, without making it

>>> >>> a worry of the RIR.

>>> >>>

>>> >>> In this regard, AfriNIC should concentrate on handling other more

>>> >>> important issues, hence this policy is not relevant.

>>> >>>

>>> >>>

>>> >>> Simply

>>> >>>

>>> >>> Daniel

>>> >>>

>>> >>> On 07/06/2021 6:3pm, JORDI PALET MARTINEZ via RPD wrote:

>>> >>>> Ni Mimi,____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> No, is not ideological, the legal counsel already confirmed the

>>> >>>> being bookkeepers has many other **related** implications, such

>>> >>>> as provide a trustable source of accurate data, and this is what

>>> >>>> RPKI and AS0 improve.____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> The fact that in RIPE has not been accepted yet is just one more

>>> >>>> excuse, if you compare it with the fact that the other TWO RIRs

>>> >>>> where it has been submitted (APNIC and LACNIC) accepted it and in

>>> >>>> none of those regions there have been any of the excuses and lack

>>> >>>> of knowledge about RPKI that we are hearing here. As I’ve

>>> >>>> explained already, I don’t think the RIPE chairs decision was

>>> >>>> correct, and we will make sure to resubmit the proposal there

>>> >>>> once a consistent appeal process is available, in case chairs

>>> >>>> take again a wrong decision. Also, then the experience in APNIC,

>>> >>>> LACNIC and AFRINIC will show that those motivations are

>>> >>>> ridiculous.____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> From time to time is good that ARIN and RIPE aren’t the leaders,

>>> >>>> you don’t think so? It shows that very smart people exist in

>>> >>>> other regions as well!____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> Once more, sometimes policies in one or the other region fail to

>>> >>>> reach consensus, but it happens sooner or later.____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> If you have a simple and trustable tool such as RPKI to drop

>>> >>>> invalids, you have a better way (if you want) to avoid bad actors

>>> >>>> to use prefixes that don’t belong to them as they are still on

>>> >>>> the hands of AFRINIC. This is just facts. Not ideological, not

>>> >>>> opinions or personal view points. So yes, AS0 avoids, if you

>>> >>>> operate your network in a consistent way, to be faked with

>>> >>>> prefixes not allocated/assigned by AFRINIC, and thus helps to

>>> >>>> prevent hijacking.____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> Regards,____

>>> >>>>

>>> >>>> Jordi____

>>> >>>>

>>> >>>> @jordipalet____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> El 7/6/21 18:47, "Mimi dy" <dym5328 at gmail.com <mailto:dym5328 at gmail.com>

>>> >>>> <mailto:dym5328 at gmail.com <mailto:dym5328 at gmail.com>>> escribió:____

>>> >>>>

>>> >>>> __ __

>>> >>>>

>>> >>>> Dear WG,____

>>> >>>>

>>> >>>> ____

>>> >>>>

>>> >>>> I think the issue here is ideological. Many people believe that

>>> >>>> RIRs are mere bookkeepers, and it is not in their mandate to

>>> >>>> inject data into the routing database. That is the reason why

>>> >>>> RIPE did not approve a similar proposal, which I totally agree

>>> >>>> with. Moreover, I wanted to react to Jordi’s statement, saying

>>> >>>> that these objections are based on practical and technical

>>> >>>> matters. There is not only one routing database, there are many,

>>> >>>> isn’t it kind of messy? And that is not even the main reason why

>>> >>>> I object to this policy. ____

>>> >>>>

>>> >>>> From another perspective, since people can adjust and control

>>> >>>> their routers, can you precise how this policy can potentially

>>> >>>> prevent/ reduce hijacking?____

>>> >>>>

>>> >>>> ____

>>> >>>>

>>> >>>> Best.____

>>> >>>>

>>> >>>> _______________________________________________ RPD mailing list

>>> >>>> RPD at afrinic.net <mailto:RPD at afrinic.net> <mailto:RPD at afrinic.net <mailto:RPD at afrinic.net>>

>>> >>>> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>

>>> >>>> <https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>> ____

>>> >>>>

>>> >>>>

>>> >>>> **********************************************

>>> >>>> IPv4 is over

>>> >>>> Are you ready for the new Internet ?

>>> >>>> http://www.theipv6company.com <http://www.theipv6company.com/><http://www.theipv6company.com <http://www.theipv6company.com/>>

>>> >>>> The IPv6 Company

>>> >>>>

>>> >>>> This electronic message contains information which may be

>>> >>>> privileged or confidential. The information is intended to be for

>>> >>>> the exclusive use of the individual(s) named above and further

>>> >>>> non-explicilty authorized disclosure, copying, distribution or

>>> >>>> use of the contents of this information, even if partially,

>>> >>>> including attached files, is strictly prohibited and will be

>>> >>>> considered a criminal offense. If you are not the intended

>>> >>>> recipient be aware that any disclosure, copying, distribution or

>>> >>>> use of the contents of this information, even if partially,

>>> >>>> including attached files, is strictly prohibited, will be

>>> >>>> considered a criminal offense, so you must reply to the original

>>> >>>> sender to inform about this communication and delete it.

>>>

>>> >>>>

>>> >>>>

>>> >>>> _______________________________________________

>>> >>>> RPD mailing list

>>> >>>> RPD at afrinic.net <mailto:RPD at afrinic.net> <mailto:RPD at afrinic.net <mailto:RPD at afrinic.net>>

>>> >>>> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd><https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>>

>>> >>> _______________________________________________

>>> >>> RPD mailing list

>>> >>> RPD at afrinic.net <mailto:RPD at afrinic.net> <mailto:RPD at afrinic.net <mailto:RPD at afrinic.net>>

>>> >>> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd><https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>>

>>> >> _______________________________________________

>>> >> RPD mailing list

>>> >> RPD at afrinic.net <mailto:RPD at afrinic.net> <mailto:RPD at afrinic.net <mailto:RPD at afrinic.net>>

>>> >> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>

>>> >> <https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>>

>>> >>

>>> >>

>>> >> _______________________________________________

>>> >> RPD mailing list

>>> >> RPD at afrinic.net <mailto:RPD at afrinic.net>

>>> >> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>

>>> >>

>>> > _______________________________________________

>>> > RPD mailing list

>>> > RPD at afrinic.net <mailto:RPD at afrinic.net>

>>> > https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>

>>>

>>> _______________________________________________

>>> RPD mailing list

>>> RPD at afrinic.net <mailto:RPD at afrinic.net>

>>> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>

>>>

>>>

>>> _______________________________________________

>>> RPD mailing list

>>> RPD at afrinic.net <mailto:RPD at afrinic.net>

>>> https://lists.afrinic.net/mailman/listinfo/rpd <https://lists.afrinic.net/mailman/listinfo/rpd>

>> _______________________________________________

>> RPD mailing list

>> RPD at afrinic.net <mailto:RPD at afrinic.net>

>> https://lists.afrinic.net/mailman/listinfo/rpd

>

> _______________________________________________

> RPD mailing list

> RPD at afrinic.net

> https://lists.afrinic.net/mailman/listinfo/rpd


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20210721/a254c223/attachment-0001.html>


More information about the RPD mailing list