Search RPD Archives
[rpd] Last Call - RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT03.
Meriem Dayday
meriemdayday at gmail.com
Thu Jul 22 09:07:10 UTC 2021
Hello all,
I am sending my updated appeal against the consensus declared by the
co-chairs on the RPKI Policy. I incorporated some new elements for the AC
and the chairs to take into account.
I hope that this updated appeal will be taken into consideration.
Best regards.
Le jeu. 22 juil. 2021 à 09:54, Meriem Dayday <meriemdayday at gmail.com> a
écrit :
> Dear PDWG co-chairs,
>
>
> I would like to remind you that there is still an ongoing appeal against
> the implementation of the RPKI policy, of which we did not get the results.
> It is our right as a community to file an appeal, and more importantly to
> receive a proper final evaluation from the appeal committee (although it
> got dissolved, we are still waiting for its reconstitution, hence, the
> announcement of the appeal results).
> I must say, this behavior violates the CPM and displays a huge disregard
> of the community’s opinion.
>
> We are awaiting AFRINIC's clarification on that serious matter.
>
>
> Best regards.
>
> Le mer. 21 juil. 2021 à 18:43, PDWG Chair <dacostadarwin at gmail.com> a
> écrit :
>
>> Dear AFRINIC PDWG,
>>
>> This is to announce closure of the last call period for the proposal “RPKI
>> ROAs for Unallocated and Unassigned AFRINIC Address Space”,
>> AFPUB-2019-GEN-006-DRAFT03.
>>
>> The discussions in the RPD mailing list during the Last Call period have
>> been considered and the concerns raised by the PDWG having been addressed.
>> The Co-chairs uphold the consensus status that was reported after the last
>> AFRINIC-33 Public Policy Meeting.
>>
>> As the PDWG Chairs, we will shortly send a report to the Board for
>> ratification.
>>
>> Thank you for your participation in this process.
>>
>> Regards,
>> Vincent Ngundi & Darwin Da Costa
>> AFRINIC PDWG CO-CHAIRS.
>>
>>
>> On 17 Jun 2021, at 17:17, PDWG Chair <dacostadarwin at gmail.com> wrote:
>>
>> Dear PDWG,
>>
>> We hereby extend the Last Call period for this draft policy proposal by
>> two weeks to *Saturday 3rd July 2021 at 2359UTC.*
>>
>> This will allow the following:
>>
>> 1. The AFRINIC Secretariat to respond to the operational/implementation
>> concerns that have been raised by the PDWG. This will be done on or before
>> Wednesday 23rd June 2021.
>>
>> 2. Thereafter, give the PDWG time to review the response from the AFRINIC
>> Secretariat and further engage on the same, among other resultant matters.
>>
>> Regards,
>> Vincent Ngundi & Darwin Da Costa
>> AFRINIC PDWG CO-CHAIRS
>>
>>
>>
>> On 8 Jun 2021, at 15:58, PDWG Chair <vincent at ngundi.me.ke> wrote:
>>
>> Dear PDWG,
>>
>> Following the commencement of the Last Call period on 5th June 2021, we
>> have noted some concerns that have been raised by some members of the PDWG.
>> As Co-Chairs, and following a review and analysis of the responses, we have
>> concluded that all the concerns raised have been adequately addressed by
>> either the authors of this policy proposal, or by other members of the PDWG.
>>
>> We therefore encourage participants to engage in, and pursue, any
>> editorial changes to the policy proposal as well as any contentious issues
>> that are objective and founded on proper justifications.
>>
>> We also remind the community to adhere to the AfriNIC Code of Conduct (
>> https://www.afrinic.net/code) in order to ensure that our deliberations
>> remain professional, respectful and appropriate at all times.
>>
>> Finally, we wish to inform the PDWG that the Last Call period closes on
>> 19th June 2021 at 2359UTC.
>>
>> Regards,
>> Vincent Ngundi & Darwin Da Costa
>> AFRINIC PDWG CO-Chairs
>>
>> On 08/06/2021 16:21, jeffery_sky via RPD wrote:
>>
>> Hello,
>> To clarify, these concerns are becoming repetitive due to the lack of
>> adequate responses from the concerned stakeholders. Also, I want to address
>> the fact that the real problem here is not RPKI in any way. What is
>> really bothering me is that *RIR is injecti**ng its own data into RPKI*,
>> which makes the previous argument about how signing space is invalid.Further,
>> the usage of RPKI will lead toAS0 all unallocated space for you.
>> Consequently, the routing changes.
>> I understand that some of these concerns are repeated, but I think it is
>> because they were not addressed properly. The responses provided are
>> mainly vague and it seems to me that you are dodging the comments by
>> bringing the Last call phase procedure and calling out the PDWG co-chairs.
>>
>> The last call phase is dedicated to this type of discussions, and if
>> several people are not convinced, it simply means that the co-authors
>> should try providing insightful responses that go straight to the point,
>> not vague ones. If this vicious cycle and the lack of proper answers
>> continues, consensus will never happen, and the policy cannot be
>> implemented. Also, most of the raised objections have nothing to do with
>> technicalities, therefore, they are meant to be discussed on the RPD. Finally,
>> the arguments you perceive repeated, have not been received accurate
>> replies, which means they will keep popping out. Consequently, the best
>> thing to do, is to dig deeper in this proposal, instead of labelling the
>> arguments as invalid.In the hope of receiving insightful answers...
>>
>> Best.
>>
>>
>> On Tuesday, June 8, 2021, 9:40:10 PM GMT+9, Fernando Frediani
>> <fhfrediani at gmail.com> <fhfrediani at gmail.com> wrote:
>>
>>
>> +1
>>
>> Excelent and simple answer.
>>
>> Em 6/8/2021 3:01 AM, Frank Habicht escreveu:
>> > Hi
>> >
>> > On 08/06/2021 01:45, Daniel Yakmut via RPD wrote:
>> >> Hi,
>> >>
>> >> Are you postulating here that Resources not allocated are susceptible
>> to
>> >> hijack?
>> > - resources are susceptible to hijack.
>> > - if a ROA with AS0 was published for an unallocated resource, it would
>> > be less susceptible to hijack.
>> >
>> >
>> >> My other understanding is an RIR is a resource dispenser.
>> > When I get my next resource from AfriNIC, I will prefer one that was not
>> > previously hijacked and used for spamming and network abuse, and got
>> > blacklisted and a bad reputation everywhere.
>> >
>> > What about you?
>> >
>> >
>> > Thanks,
>> > Frank
>> >
>> >
>> >> Simply
>> >> Daniel
>> >>
>> >> On Mon, Jun 7, 2021, 11:30 PM Fernando Frediani <fhfrediani at gmail.com
>> >> <mailto:fhfrediani at gmail.com>> wrote:
>> >>
>> >> AfriNic (or any other RIR) is the resource holder for IP space
>> that
>> >> IANA has allocated to it. So who else could secure that space
>> until
>> >> it is assigned to an organization issuing ROAs if not the current
>> >> resource holder ?
>> >>
>> >> Must we have a policy accepted by either RIPE or ARIN first in
>> order
>> >> to accept it in AfriNic afterwards ?
>> >> This is not a worry to the RIR, it is actually an additional
>> >> guarantee that no one else will try to make usage of IP space
>> under
>> >> its responsability.
>> >>
>> >> Fernando
>> >>
>> >> On 07/06/2021 19:14, Daniel Yakmut via RPD wrote:
>> >>> Dear Jordi,
>> >>>
>> >>> Just out of curiosity why has RIPE and ARIN refused to adopt the
>> >>> RPKI ROA and make it their responsibility that it is used by
>> >>> resource holder?. I will agree that RPKI ROA is a good tool to
>> >>> secure BGP routing, however I don't see as the responsibility of
>> >>> an RIR to implement it.
>> >>>
>> >>> My strong opinion is that any resource holder should be
>> >>> responsible for securing its resources and if RPKI ROA is the
>> best
>> >>> way to prevent hijack, then it will enjoy patronage. Making it a
>> >>> job of AfriNIC, will possibly be going over board.
>> >>>
>> >>> Responding to my opening question, I believe RIPE and ARIN are
>> not
>> >>> keen on accepting your arguments because they are mundane. This
>> >>> means resource holders should handle this issue, without making
>> it
>> >>> a worry of the RIR.
>> >>>
>> >>> In this regard, AfriNIC should concentrate on handling other more
>> >>> important issues, hence this policy is not relevant.
>> >>>
>> >>>
>> >>> Simply
>> >>>
>> >>> Daniel
>> >>>
>> >>> On 07/06/2021 6:3pm, JORDI PALET MARTINEZ via RPD wrote:
>> >>>> Ni Mimi,____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> No, is not ideological, the legal counsel already confirmed the
>> >>>> being bookkeepers has many other **related** implications, such
>> >>>> as provide a trustable source of accurate data, and this is what
>> >>>> RPKI and AS0 improve.____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> The fact that in RIPE has not been accepted yet is just one more
>> >>>> excuse, if you compare it with the fact that the other TWO RIRs
>> >>>> where it has been submitted (APNIC and LACNIC) accepted it and
>> in
>> >>>> none of those regions there have been any of the excuses and
>> lack
>> >>>> of knowledge about RPKI that we are hearing here. As I’ve
>> >>>> explained already, I don’t think the RIPE chairs decision was
>> >>>> correct, and we will make sure to resubmit the proposal there
>> >>>> once a consistent appeal process is available, in case chairs
>> >>>> take again a wrong decision. Also, then the experience in APNIC,
>> >>>> LACNIC and AFRINIC will show that those motivations are
>> >>>> ridiculous.____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> From time to time is good that ARIN and RIPE aren’t the leaders,
>> >>>> you don’t think so? It shows that very smart people exist in
>> >>>> other regions as well!____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> Once more, sometimes policies in one or the other region fail to
>> >>>> reach consensus, but it happens sooner or later.____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> If you have a simple and trustable tool such as RPKI to drop
>> >>>> invalids, you have a better way (if you want) to avoid bad
>> actors
>> >>>> to use prefixes that don’t belong to them as they are still on
>> >>>> the hands of AFRINIC. This is just facts. Not ideological, not
>> >>>> opinions or personal view points. So yes, AS0 avoids, if you
>> >>>> operate your network in a consistent way, to be faked with
>> >>>> prefixes not allocated/assigned by AFRINIC, and thus helps to
>> >>>> prevent hijacking.____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> Regards,____
>> >>>>
>> >>>> Jordi____
>> >>>>
>> >>>> @jordipalet____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> El 7/6/21 18:47, "Mimi dy" <dym5328 at gmail.com
>> >>>> <mailto:dym5328 at gmail.com>> escribió:____
>> >>>>
>> >>>> __ __
>> >>>>
>> >>>> Dear WG,____
>> >>>>
>> >>>> ____
>> >>>>
>> >>>> I think the issue here is ideological. Many people believe that
>> >>>> RIRs are mere bookkeepers, and it is not in their mandate to
>> >>>> inject data into the routing database. That is the reason why
>> >>>> RIPE did not approve a similar proposal, which I totally agree
>> >>>> with. Moreover, I wanted to react to Jordi’s statement, saying
>> >>>> that these objections are based on practical and technical
>> >>>> matters. There is not only one routing database, there are many,
>> >>>> isn’t it kind of messy? And that is not even the main reason why
>> >>>> I object to this policy. ____
>> >>>>
>> >>>> From another perspective, since people can adjust and control
>> >>>> their routers, can you precise how this policy can potentially
>> >>>> prevent/ reduce hijacking?____
>> >>>>
>> >>>> ____
>> >>>>
>> >>>> Best.____
>> >>>>
>> >>>> _______________________________________________ RPD mailing list
>> >>>> RPD at afrinic.net <mailto:RPD at afrinic.net>
>> >>>> https://lists.afrinic.net/mailman/listinfo/rpd
>> >>>> <https://lists.afrinic.net/mailman/listinfo/rpd> ____
>> >>>>
>> >>>>
>> >>>> **********************************************
>> >>>> IPv4 is over
>> >>>> Are you ready for the new Internet ?
>> >>>> http://www.theipv6company.com <http://www.theipv6company.com>
>> >>>> The IPv6 Company
>> >>>>
>> >>>> This electronic message contains information which may be
>> >>>> privileged or confidential. The information is intended to be
>> for
>> >>>> the exclusive use of the individual(s) named above and further
>> >>>> non-explicilty authorized disclosure, copying, distribution or
>> >>>> use of the contents of this information, even if partially,
>> >>>> including attached files, is strictly prohibited and will be
>> >>>> considered a criminal offense. If you are not the intended
>> >>>> recipient be aware that any disclosure, copying, distribution or
>> >>>> use of the contents of this information, even if partially,
>> >>>> including attached files, is strictly prohibited, will be
>> >>>> considered a criminal offense, so you must reply to the original
>> >>>> sender to inform about this communication and delete it.
>>
>> >>>>
>> >>>>
>> >>>> _______________________________________________
>> >>>> RPD mailing list
>> >>>> RPD at afrinic.net <mailto:RPD at afrinic.net>
>> >>>> https://lists.afrinic.net/mailman/listinfo/rpd <
>> https://lists.afrinic.net/mailman/listinfo/rpd>
>> >>> _______________________________________________
>> >>> RPD mailing list
>> >>> RPD at afrinic.net <mailto:RPD at afrinic.net>
>> >>> https://lists.afrinic.net/mailman/listinfo/rpd <
>> https://lists.afrinic.net/mailman/listinfo/rpd>
>> >> _______________________________________________
>> >> RPD mailing list
>> >> RPD at afrinic.net <mailto:RPD at afrinic.net>
>> >> https://lists.afrinic.net/mailman/listinfo/rpd
>> >> <https://lists.afrinic.net/mailman/listinfo/rpd>
>> >>
>> >>
>> >> _______________________________________________
>> >> RPD mailing list
>> >> RPD at afrinic.net
>> >> https://lists.afrinic.net/mailman/listinfo/rpd
>> >>
>> > _______________________________________________
>> > RPD mailing list
>> > RPD at afrinic.net
>> > https://lists.afrinic.net/mailman/listinfo/rpd
>>
>> _______________________________________________
>> RPD mailing list
>> RPD at afrinic.net
>> https://lists.afrinic.net/mailman/listinfo/rpd
>>
>> _______________________________________________
>> RPD mailing listRPD at afrinic.nethttps://lists.afrinic.net/mailman/listinfo/rpd
>>
>> _______________________________________________
>> RPD mailing list
>> RPD at afrinic.net
>> https://lists.afrinic.net/mailman/listinfo/rpd
>>
>>
>> _______________________________________________
>> RPD mailing list
>> RPD at afrinic.net
>> https://lists.afrinic.net/mailman/listinfo/rpd
>>
>>
>> _______________________________________________
>> RPD mailing list
>> RPD at afrinic.net
>> https://lists.afrinic.net/mailman/listinfo/rpd
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20210722/f1872fb3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1_RPKI Appeal Final.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 31597 bytes
Desc: not available
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20210722/f1872fb3/attachment-0001.docx>
More information about the RPD
mailing list