<div dir="ltr"><div class="gmail_default" style="font-size:small">The proposal for RPKI is not applicable as it centralises the control of internet; and also represents a potential risk for government to overtake it. </div><div class="gmail_default" style="font-size:small">We are a community and need to be independent on the way we treat our resources; so i oppose this proposal. </div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><b style="font-family:monospace,monospace;font-size:large">KAKEL MBUMB</b></div><div><b style="font-family:monospace,monospace;font-size:large">Chargé du Département Entrepreneuriat au Forum National de la Jeunesse (FNJ)</b></div><div><b style="font-family:monospace,monospace;font-size:large">Coordinator, YPARD-RDC Grand Katanga, Agricultural Development through Youths<br></b></div><div dir="ltr"><div><i><font style="background-color:rgb(255,255,255)" color="#38761d"><b style="font-family:verdana,sans-serif;font-size:12.8px">Project Vice Coordinator, Agribusiness Cooperative - CAAPJECO</b><br></font></i></div><div><div style="font-size:12.8px"><font face="verdana, sans-serif" color="#0000ff"><b><i>Consultant, RESOJEC, Youth Chamber of Commerce</i></b></font></div><div style="font-size:12.8px"><font face="verdana, sans-serif" color="#0000ff"><b><i>Country Representative, Mashinani Hub ,ICT skills for rural communities</i></b></font></div><div style="font-size:12.8px"></div></div><div><div style="font-size:12.8px"><font face="verdana, sans-serif" color="#0000ff"><b style="background-color:rgb(255,255,255)"></b></font></div><div style="font-size:12.8px"><font face="verdana, sans-serif" color="#0000ff"><b style="background-color:rgb(255,255,255)">Yali RLC EA Cohort 6 Alumnus, Business & Entrepreneurship</b></font></div><div style="font-size:12.8px"><b style="font-size:12.8px;color:rgb(255,0,0)">Lubumbashi, Haut-Katanga Province</b><br></div></div><div><div><font color="#ff0000"><b>Democratic Republic of the Congo (Congo, DRC)</b></font></div><div><i><font color="#674ea7"><b style="font-size:12.8px">Phone: +243 993 656 038 (Whatsapp)</b> <br></font></i></div><div><b><i><font color="#674ea7">Facebook: </font></i></b><font color="#674ea7"><b><i><a href="https://www.facebook.com/kakelmbumb" target="_blank">https://www.facebook.com/kakelmbumb</a></i></b></font></div><div><b style="font-size:12.8px"><i><font color="#674ea7">Twitter: </font></i></b><font style="font-size:12.8px" color="#674ea7"><b><i><a href="https://twitter.com/KakelMbumb" target="_blank">https://twitter.com/KakelMbumb</a></i></b></font><br></div><div><b><i><font color="#674ea7">Linked in: </font></i></b><font color="#674ea7"><b><i><a href="https://www.linkedin.com/in/kakel-mbumb-240534ba/" target="_blank">https://www.linkedin.com/in/kakel-mbumb-240534ba/</a></i></b></font></div><div><b style="font-size:12.8px"><i><font color="#674ea7">Skype: kakel.mbumb1</font></i></b><font color="#674ea7"><b><i><br></i></b></font></div><div><br><br></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Le sam. 4 janv. 2020 à 12:07, <<a href="mailto:rpd-request@afrinic.net">rpd-request@afrinic.net</a>> a écrit :<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send RPD mailing list submissions to<br>
<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:rpd-request@afrinic.net" target="_blank">rpd-request@afrinic.net</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:rpd-owner@afrinic.net" target="_blank">rpd-owner@afrinic.net</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of RPD digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. AFPUB-2019-GEN-006-DRAFT01: "RPKI ROAs for Unallocated and<br>
Unassigned AFRINIC Address Space" (Sylvain Baya)<br>
2. Re: New policy proposals and updated ones - RPKI-ROAs<br>
(Daniel Yakmut)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Sat, 4 Jan 2020 00:01:55 +0100<br>
From: Sylvain Baya <<a href="mailto:abscoco@gmail.com" target="_blank">abscoco@gmail.com</a>><br>
To: Owen DeLong <<a href="mailto:owen@delong.com" target="_blank">owen@delong.com</a>>, "PDWG's Mailing List"<br>
<<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a>><br>
Subject: [rpd] AFPUB-2019-GEN-006-DRAFT01: "RPKI ROAs for Unallocated<br>
and Unassigned AFRINIC Address Space"<br>
Message-ID:<br>
<<a href="mailto:CAJjTEvEDJog_EvR8O5VYvi6uf%2ByhdN-tsWhzaxnhkDH4mGSTwg@mail.gmail.com" target="_blank">CAJjTEvEDJog_EvR8O5VYvi6uf+yhdN-tsWhzaxnhkDH4mGSTwg@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="UTF-8"<br>
<br>
Hi all,<br>
<br>
Best wishes for this new year ; added in the Grace era !<br>
<br>
Please my comments are below (inline)...<br>
<br>
2020-01-03 17:46 UTC+01:00, Owen DeLong <<a href="mailto:owen@delong.com" target="_blank">owen@delong.com</a>>:<br>
><br>
><br>
>> On Dec 30, 2019, at 06:38 , Paschal Ochang <<a href="mailto:pascosoft@gmail.com" target="_blank">pascosoft@gmail.com</a>> wrote:<br>
>><br>
>> Hello Jordi,<br>
>> feliz Navidad y un Feliz A?o Nuevo.<br>
>><br>
>> I have some concerns regarding this proposal and also some clarifications<br>
>> .<br>
>><br>
>> I think statistically AFRINIC has a good percentage of IPv4 address space<br>
>> covered by route origin authorization as compared to APNIC. APNIC has a<br>
>> very low percentage statically hence it's hurried acceptance of the<br>
>> proposal.<br>
><br>
> I corrected the subject line to be descriptive of what is meant by ?the<br>
> proposal/this proposal??<br>
><br>
<br>
Dear Owen,<br>
<br>
Thanks for your email.<br>
<br>
...yes ! adjusting the subject line helps to focus the discussion,<br>
but i'm not sure that there was a real need in this particular case :-/<br>
<br>
...btw, your timing is perfect, with the new year :-D<br>
<br>
><br>
> There?s no relationship between your statement and the proposal.<br>
><br>
<br>
...not sure !<br>
But if you append ?intent? to ?proposal? ; then i'll certainly agree ; -)<br>
<br>
...please see below.<br>
<br>
><br>
> The proposal creates AS0 ROAs for addresses in the RIR inventory which have<br>
> not been issued or which have been reclaimed or returned.<br>
><br>
<br>
Exact !<br>
<br>
...but don't forget that usually, in this PDWG, the title and problem statement<br>
(and even the description of the proposed solution) of a DPP (Draft Policy<br>
Proposal) means nothing.<br>
<br>
Yes, that's sad ! but true :'-(<br>
<br>
><br>
> It has nothing to do with addresses which have been issued but are not<br>
> covered by an ROA.<br>
><br>
> As such, I see no problem with the proposal.<br>
><br>
>> I think using the approach in this policy is majorly to handle accidental<br>
>> incidents rather than malicious attacks whereby someone might try to<br>
>> manipulate an AS path.<br>
><br>
> RPKI does nothing at all to help with manipulated AS Paths. It is only<br>
> effective against prefixes originated from the wrong ASN.<br>
><br>
> In the case of this policy, it will aid in the prevention/detection of<br>
> unauthorized use of unallocated number resources.<br>
><br>
>> It is suggested to always drop invalid announcements, rather than applying<br>
>> a lower preference. This is because sub-prefix hijackings would be still<br>
>> possible if invalids are accepted and this would go against the purpose of<br>
>> RPKI validation. However I think the text should state how invalids<br>
>> should be dropped in order not to trigger loosing connectivity.<br>
><br>
> I?m not sure how many different ways you think there are to drop a route. At<br>
> least on the routers I?ve run (Cisco, Juniper, Mikrotik, Vyatta, Ascend,<br>
> Livingston, Foundry, etc.), you can either drop a prefix or accept it. The<br>
> decision is binary and there are not multiple ?ways? to drop on. In some<br>
> cases, you can choose additional behaviors such as logging, but I hardly see<br>
> that as relevant to whether connectivity is preserved or not.<br>
><br>
> I think what you may be missing in your understanding is that Invalid is not<br>
> the same as Unknown. RPKI validation provides three possible results:<br>
> 1. Valid ? The route matches a ROA and the ROA matches the Origin ASN.<br>
> Further, the ROA signature chain is cryptographically valid.<br>
> 2. Invalid ? The route matches a ROA, but either the ROA signature fails<br>
> validation or the Origin ASN does not match or the prefix length is longer<br>
> than the specified maximum.<br>
> 3. Not Found/Unknown ? The route does not match a ROA<br>
><br>
> Note that a prefix which is shorter than an intersecting ROA is considered<br>
> not to match. See table below for details on how this works out:<br>
><br>
><br>
> ROA Prefix<br>
> MAX Length<br>
> Origin AS<br>
> Received Prefix<br>
> Origin AS<br>
> Result<br>
><br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 24<br>
> 65550<br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 64498<br>
> Invalid<br>
><br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 24<br>
> 65550<br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 64498<br>
> Invalid<br>
><br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 24<br>
> 65550<br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 65550<br>
> Valid<br>
><br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 24<br>
> 65550<br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 65550<br>
> Invalid<br>
><br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 28<br>
> 65550<br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 64498<br>
> Unknown<br>
><br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 28<br>
> 65550<br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 65550<br>
> Unknown<br>
><br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 28<br>
> 65550<br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 64498<br>
> Invalid<br>
><br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 28<br>
> 65550<br>
> <a href="http://192.0.2.0/28" rel="noreferrer" target="_blank">192.0.2.0/28</a><br>
> 65550<br>
> Valid<br>
><br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 24<br>
> 65550<br>
> <a href="http://192.0.2.64/26" rel="noreferrer" target="_blank">192.0.2.64/26</a><br>
> 65550<br>
> Invalid<br>
><br>
> <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> 28<br>
> 65550<br>
> <a href="http://192.0.2.64/26" rel="noreferrer" target="_blank">192.0.2.64/26</a><br>
> 65550<br>
> Valid<br>
><br>
><br>
>> Finally I dont think it will be a nice idea allowing resource holders to<br>
>> create AS0 ROA as I think this scenario might increase the issue of<br>
>> invalid prefixes in the routing tables.<br>
><br>
> This proposal does not allow resource holders to create AS0 ROAs. It expects<br>
> AfriNIC to create AS0 ROAs for space which is within AfriNIC administration,<br>
> but which is not currently issued.<br>
><br>
<br>
...i think the following portion of the [1] text explains the concerns<br>
raised by Paschal :<br>
<br>
?[...] Any resource holder can create AS0 (zero) ROAs for the<br>
resources they have<br>
under their account/administration.<br>
<br>
An RPKI ROA is a positive attestation that a prefix holder has<br>
authorized an Autonomous System to originate a route for this prefix<br>
to the global BGP routing table. An RPKI ROA for the same prefixes<br>
with AS0 (zero) origin shows a negative intent from the resource<br>
holder to have the prefixes advertised in the global BGP routing<br>
table. [...]?<br>
__<br>
[1]: <<a href="https://afrinic.net/policy/proposals/2019-gen-006-d1/amp" rel="noreferrer" target="_blank">https://afrinic.net/policy/proposals/2019-gen-006-d1/amp</a>><br>
<br>
><br>
> I hope that clarifies the situation.<br>
><br>
<br>
...not sure, but you did more for most of the participants, in<br>
promoting RPKI (Resource Public Key Infrastructure), ROA (Route Origin<br>
Autorisation) and ROV (RPKI-based route Origin Validation). So,<br>
validate and drop non-valid routes...<br>
<br>
IMHO, what would clarify is to :<br>
<br>
??/<br>
?'drop'/remove that portion of the text :-)<br>
? (eventually) create a sub-section to provide definitions<br>
for new concepts. The definition sub-section would remove<br>
any ambiguity.<br>
? (even if i think that this proposal is too much operational)<br>
simplify the core policy text like this :<br>
?1| ?AFRINIC MUST/will create ROAs with origin AS0 for all<br>
the unallocated and unassigned address space (IPv4 & IPv6)<br>
for which it is the current administrator.?<br>
?2| (i prefer this less operational version) ?AFRINIC MUST/will<br>
flag/mark all the unused (unallocated & unassigned) address<br>
space (IPv4 & IPv6) for which it is the current administrator.<br>
In order to render its unused address space unsquattable<br>
in a global secured routing context.?<br>
? ...<br>
??\<br>
<br>
The difference with my version (2|) is that it's more agnostic<br>
(technologcally/operationally speaking) and portable then it<br>
could (probably) more easily pass in all RIRs with the same<br>
text. To be proposed as a global policy : final/first goal of the<br>
authors :-)<br>
<br>
...to be clearer, i prefer ?resource? rather than ?address space? ;-)<br>
<br>
Shalom,<br>
--sb.<br>
<br>
><br>
> Owen<br>
><br>
>><br>
>> On Tuesday, November 5, 2019, JORDI PALET MARTINEZ via RPD<br>
>> <<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a> <mailto:<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a>>> wrote:<br>
>> Hi Sylvain,<br>
>><br>
>><br>
>><br>
>><br>
>><br>
>><br>
>><br>
>> El 5/11/19 6:11, "Sylvain Baya" <<a href="mailto:abscoco@gmail.com" target="_blank">abscoco@gmail.com</a><br>
>> <mailto:<a href="mailto:abscoco@gmail.com" target="_blank">abscoco@gmail.com</a>>> escribi?:<br>
>><br>
>><br>
>><br>
>> Hi all,<br>
>><br>
>><br>
>><br>
>> Hope you are doing well.<br>
>><br>
>><br>
>><br>
>> Please comments below (inline)...<br>
>><br>
>><br>
>><br>
>> Le mardi 5 novembre 2019, JORDI PALET MARTINEZ via RPD <<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a><br>
>> <mailto:<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a>>> a ?crit :<br>
>><br>
>> Hi all,<br>
>><br>
>> [...]<br>
>> This is the list of new policy proposals (note that the numbering can be<br>
>> modified by the staff when published).<br>
>><br>
>> 1) AFPUB-2019-IPv6-002-DRAFT01: "Adjusting IPv6 PA Policy"<br>
>> Solves a discrepancy between IPv6 PI and IPv6 PA regarding the<br>
>> announcement of aggregated addressing space.<br>
>><br>
>> 2) AFPUB-2019-GEN-003-DRAFT01: "Chairs Elections Process"<br>
>> Including in the CPM a detailed procedure for the chair's elections.<br>
>><br>
>> 3) AFPUB-2019-GEN-004-DRAFT01: "M&A Resource Transfers"<br>
>> Including in the CPM intra-RIR M&A for ASN, IPv4 and IPv6.<br>
>><br>
>> 4) AFPUB-2019-GEN-005-DRAFT01: "Impact Analysis is Mandatory"<br>
>><br>
>> 5) AFPUB-2019-GEN-006-DRAFT01: "RPKI ROAs for Unallocated and Unassigned<br>
>> AFRINIC Address Space"<br>
>><br>
>><br>
>><br>
>> ...i like this one. I recall that i was thinking ok how to solve the<br>
>> problem of 'Internet resources<br>
>><br>
>> squatting'. I was naively imagining a solution where a RIR will have to<br>
>> flag all their<br>
>><br>
>> unallocated|unassigned Address Space ; via a particular attribute of the<br>
>> IRR (Internet Routing<br>
>><br>
>> Registry). Now i understand that i was not too dummy or even crazy :-)<br>
>><br>
>><br>
>><br>
>> Oh no! In that case the crazy one is me :-) !<br>
>><br>
>><br>
>><br>
>> Please send me your DPP (Draft Policy Proposal), i can not wait more to<br>
>> review it ;-)<br>
>><br>
>> Thanks.<br>
>><br>
>><br>
>><br>
>> I was thinking in sending them in order (2 more today, 2 more tomorrow),<br>
>> but as you have interest in this one. My next one will be this one, I<br>
>> promise! Give me first a few minutes to respond to all the emails I got<br>
>> till now ?<br>
>><br>
>><br>
>><br>
>> Shalom,<br>
>><br>
>> --sb.<br>
>><br>
>><br>
>><br>
>> Updated policy proposals:<br>
>><br>
>> a) AFPUB-2019-ASN-001-DRAFT03: "Multihoming not required for ASN"<br>
>><br>
>> b) AFPUB-2019-IPv4-002-DRAFT02: "IPv4 Inter-RIR Resource Transfers<br>
>> (Comprehensive Scope)"<br>
>><br>
>> c) AFPUB-2018-GEN-001-DRAFT04: "Abuse Contact Policy Update"<br>
>><br>
>> Regards,<br>
>> Jordi<br>
>> @jordipalet<br>
>><br>
>> [...]<br>
>><br>
>><br>
>><br>
>> --<br>
>><br>
>><br>
>><br>
>><br>
>><br>
>> --<br>
>><br>
>><br>
>><br>
>> Best Regards !<br>
>><br>
>><br>
>><br>
>> Sylvain BAYA<br>
>><br>
>> cmNOG's Co-Founder & Coordinator<br>
>><br>
>> (+237) 677005341<br>
>><br>
>> PO Box 13107 YAOUNDE / CAMEROON<br>
>><br>
>> baya.sylvain [AT cmNOG DOT cm]<br>
>><br>
>> abscoco2001 [AT yahoo DOT fr]<br>
>><br>
>> <a href="http://www.cmnog.cm" rel="noreferrer" target="_blank">http://www.cmnog.cm</a> <<a href="http://www.cmnog.cm/" rel="noreferrer" target="_blank">http://www.cmnog.cm/</a>><br>
>> <a href="https://cmnog.wordpress.com" rel="noreferrer" target="_blank">https://cmnog.wordpress.com</a> <<a href="https://cmnog.wordpress.com/" rel="noreferrer" target="_blank">https://cmnog.wordpress.com/</a>><br>
>> ************************<br>
>><br>
>> ?#?LASAINTEBIBLE(?#?Romains15:33):"Que LE ?#?DIEU de ?#?Paix soit avec<br>
>> vous tous!?#?Amen!"<br>
>><br>
>> ?#?MaPri?re est que tu naisses de nouveau.<br>
>><br>
>> ?#?Chr?tiennement<br>
>><br>
>> ? Comme une biche soupire apr?s des courants d?eau, Ainsi mon<br>
>> ?me soupire apr?s toi, ? DIEU! ? (Psaumes 42 :2)<br>
>><br>
>><br>
>><br>
>><br>
>> _______________________________________________ RPD mailing list<br>
>> <a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a> <mailto:<a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a>><br>
>> <a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a><br>
>> <<a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a>><br>
>> **********************************************<br>
>> IPv4 is over<br>
>> Are you ready for the new Internet ?<br>
>> <a href="http://www.theipv6company.com" rel="noreferrer" target="_blank">http://www.theipv6company.com</a> <<a href="http://www.theipv6company.com/" rel="noreferrer" target="_blank">http://www.theipv6company.com/</a>><br>
>> The IPv6 Company<br>
>><br>
>> This electronic message contains information which may be privileged or<br>
>> confidential. The information is intended to be for the exclusive use of<br>
>> the individual(s) named above and further non-explicilty authorized<br>
>> disclosure, copying, distribution or use of the contents of this<br>
>> information, even if partially, including attached files, is strictly<br>
>> prohibited and will be considered a criminal offense. If you are not the<br>
>> intended recipient be aware that any disclosure, copying, distribution or<br>
>> use of the contents of this information, even if partially, including<br>
>> attached files, is strictly prohibited, will be considered a criminal<br>
>> offense, so you must reply to the original sender to inform about this<br>
>> communication and delete it.<br>
>><br>
>> _______________________________________________<br>
>> RPD mailing list<br>
>> <a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a><br>
>> <a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a><br>
><br>
><br>
<br>
<br>
<br>
--<br>
Best Regards !<br>
baya.sylvain [AT cmNOG DOT cm] | <<a href="https://www.cmnog.cm" rel="noreferrer" target="_blank">https://www.cmnog.cm</a>> |<br>
<<a href="https://survey.cmnog.cm" rel="noreferrer" target="_blank">https://survey.cmnog.cm</a>><br>
Subscribe to Mailing List : <<a href="https://lists.cmnog.cm/mailman/listinfo/cmnog/" rel="noreferrer" target="_blank">https://lists.cmnog.cm/mailman/listinfo/cmnog/</a>><br>
__<br>
#?LASAINTEBIBLE?|?#?Romains15?:33?*Que LE ?#?DIEU? de ?#?Paix? soit avec<br>
vous tous! ?#?Amen?!*?<br>
?#?MaPri?re? est que tu naisses de nouveau. #Chr?tiennement?<br>
?*Comme une biche soupire apr?s des courants d?eau, ainsi mon ?me soupire<br>
apr?s TOI, ? DIEU!*? (#Psaumes42:2)<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Sat, 4 Jan 2020 11:05:58 +0100<br>
From: Daniel Yakmut <<a href="mailto:yakmutd@googlemail.com" target="_blank">yakmutd@googlemail.com</a>><br>
To: Paschal Ochang <<a href="mailto:pascosoft@gmail.com" target="_blank">pascosoft@gmail.com</a>>, "rpd >> AfriNIC Resource<br>
Policy" <<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a>><br>
Subject: Re: [rpd] New policy proposals and updated ones - RPKI-ROAs<br>
Message-ID: <<a href="mailto:af4aee1c-37a2-fd08-1672-e4b02f124de5@gmail.com" target="_blank">af4aee1c-37a2-fd08-1672-e4b02f124de5@gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"; Format="flowed"<br>
<br>
The current state of RPKI infrastructure, does not provide a sufficient <br>
period between revocation of ROA and notification that a given prefix <br>
has been allocated to an organization, which can impact considerably on <br>
allocations. Except we can be able to provide a sufficient period or <br>
create a different procedure, the proposal for the RPKI-ROAs does not fly.<br>
<br>
On 30/12/2019 6:12 pm, Paschal Ochang wrote:<br>
> Yes in a way.<br>
><br>
> On Monday, December 30, 2019, Fernando Frediani <<a href="mailto:fhfrediani@gmail.com" target="_blank">fhfrediani@gmail.com</a> <br>
> <mailto:<a href="mailto:fhfrediani@gmail.com" target="_blank">fhfrediani@gmail.com</a>>> wrote:<br>
><br>
> On 30/12/2019 11:38, Paschal Ochang wrote:<br>
>><br>
>> It is suggested to always drop invalid announcements, rather than<br>
>> applying a lower preference. This is because sub-prefix<br>
>> hijackings would be still possible if invalids are accepted and<br>
>> this would go against the purpose of RPKI validation. However? I<br>
>> think the text should state how invalids should be dropped in<br>
>> order not to trigger loosing connectivity.<br>
><br>
> If I understand correctly what you are willing to say, no proposal<br>
> should have on the text a way Autonomous Systems must treat<br>
> announcements they receive as it's their own decision. Some may<br>
> decide to drop what is recommended and some might just lower<br>
> preference at their own discretion right ?<br>
><br>
><br>
>><br>
>><br>
>> On Tuesday, November 5, 2019, JORDI PALET MARTINEZ via RPD<br>
>> <<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a> <mailto:<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a>>> wrote:<br>
>><br>
>> Hi Sylvain,<br>
>><br>
>> El 5/11/19 6:11, "Sylvain Baya" <<a href="mailto:abscoco@gmail.com" target="_blank">abscoco@gmail.com</a><br>
>> <mailto:<a href="mailto:abscoco@gmail.com" target="_blank">abscoco@gmail.com</a>>> escribi?:<br>
>><br>
>> Hi all,<br>
>><br>
>> Hope you are doing well.<br>
>><br>
>> Please comments below (inline)...<br>
>><br>
>><br>
>><br>
>> Le mardi 5 novembre 2019, JORDI PALET MARTINEZ via RPD<br>
>> <<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a> <mailto:<a href="mailto:rpd@afrinic.net" target="_blank">rpd@afrinic.net</a>>> a ?crit?:<br>
>><br>
>> Hi all,<br>
>><br>
>> [...]<br>
>> This is the list of new policy proposals (note that the<br>
>> numbering can be modified by the staff when published).<br>
>><br>
>> 1) AFPUB-2019-IPv6-002-DRAFT01: "Adjusting IPv6 PA Policy"<br>
>> Solves a discrepancy between IPv6 PI and IPv6 PA<br>
>> regarding the announcement of aggregated addressing space.<br>
>><br>
>> 2) AFPUB-2019-GEN-003-DRAFT01: "Chairs Elections Process"<br>
>> Including in the CPM a detailed procedure for the chair's<br>
>> elections.<br>
>><br>
>> 3) AFPUB-2019-GEN-004-DRAFT01: "M&A Resource Transfers"<br>
>> Including in the CPM intra-RIR M&A for ASN, IPv4 and IPv6.<br>
>><br>
>> 4) AFPUB-2019-GEN-005-DRAFT01: "Impact Analysis is Mandatory"<br>
>><br>
>> 5) AFPUB-2019-GEN-006-DRAFT01: "RPKI ROAs for Unallocated<br>
>> and Unassigned AFRINIC Address Space"<br>
>><br>
>> ...i like this one. I recall that i was thinking ok how to<br>
>> solve the problem of 'Internet resources<br>
>><br>
>> squatting'. I was naively imagining a solution where a RIR<br>
>> will have to flag all their<br>
>><br>
>> unallocated|unassigned Address Space ; via a particular<br>
>> attribute of the IRR (Internet Routing<br>
>><br>
>> Registry). Now i understand that i was not too dummy or even<br>
>> crazy :-)<br>
>><br>
>> Oh no! In that case the crazy one is me :-) !<br>
>><br>
>> Please send me your DPP (Draft Policy Proposal), i can not<br>
>> wait more to review it ;-)<br>
>><br>
>> Thanks.<br>
>><br>
>> I was thinking in sending them in order (2 more today, 2 more<br>
>> tomorrow), but as you have interest in this one. My next one<br>
>> will be this one, I promise! Give me first a few minutes to<br>
>> respond to all the emails I got till now ?<br>
>><br>
>> Shalom,<br>
>><br>
>> --sb.<br>
>><br>
>> Updated policy proposals:<br>
>><br>
>> a) AFPUB-2019-ASN-001-DRAFT03: "Multihoming not required<br>
>> for ASN"<br>
>><br>
>> b) AFPUB-2019-IPv4-002-DRAFT02: "IPv4 Inter-RIR Resource<br>
>> Transfers (Comprehensive Scope)"<br>
>><br>
>> c) AFPUB-2018-GEN-001-DRAFT04: "Abuse Contact Policy Update"<br>
>><br>
>> Regards,<br>
>> Jordi<br>
>> @jordipalet<br>
>><br>
>> [...]<br>
>><br>
>><br>
>><br>
>> -- <br>
>><br>
>> -- <br>
>><br>
>> ?Best Regards !<br>
>><br>
>> Sylvain BAYA<br>
>><br>
>> ?cmNOG's Co-Founder & Coordinator<br>
>><br>
>> ?(+237) 677005341<br>
>><br>
>> ?PO Box 13107 YAOUNDE / CAMEROON<br>
>><br>
>> baya.sylvain [AT cmNOG DOT cm]<br>
>><br>
>> ?abscoco2001 [AT yahoo DOT fr]<br>
>><br>
>> <a href="http://www.cmnog.cm" rel="noreferrer" target="_blank">http://www.cmnog.cm</a><br>
>><br>
>> <a href="https://cmnog.wordpress.com" rel="noreferrer" target="_blank">https://cmnog.wordpress.com</a><br>
>><br>
>> ?************************<br>
>><br>
>> ?#?LASAINTEBIBLE(?#?Romains15:33):"Que LE ?#?DIEU de ?#?Paix<br>
>> soit avec vous tous!?#?Amen!"<br>
>><br>
>> ?#?MaPri?re est que tu naisses de nouveau.<br>
>><br>
>> ?#?Chr?tiennement<br>
>><br>
>> ? ? ? ? ? ?? Comme une biche soupire apr?s des courants<br>
>> d?eau, Ainsi mon ?me soupire apr?s toi, ? DIEU! ? (Psaumes 42 :2)<br>
>><br>
>><br>
>> _______________________________________________ RPD mailing<br>
>> list <a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a> <mailto:<a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a>><br>
>> <a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a><br>
>> <<a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a>><br>
>><br>
>><br>
>> **********************************************<br>
>> IPv4 is over<br>
>> Are you ready for the new Internet ?<br>
>> <a href="http://www.theipv6company.com" rel="noreferrer" target="_blank">http://www.theipv6company.com</a><br>
>> The IPv6 Company<br>
>><br>
>> This electronic message contains information which may be<br>
>> privileged or confidential. The information is intended to be<br>
>> for the exclusive use of the individual(s) named above and<br>
>> further non-explicilty authorized disclosure, copying,<br>
>> distribution or use of the contents of this information, even<br>
>> if partially, including attached files, is strictly<br>
>> prohibited and will be considered a criminal offense. If you<br>
>> are not the intended recipient be aware that any disclosure,<br>
>> copying, distribution or use of the contents of this<br>
>> information, even if partially, including attached files, is<br>
>> strictly prohibited, will be considered a criminal offense,<br>
>> so you must reply to the original sender to inform about this<br>
>> communication and delete it.<br>
>><br>
>><br>
>> _______________________________________________<br>
>> RPD mailing list<br>
>> <a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a> <mailto:<a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a>><br>
>> <a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a> <<a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a>><br>
><br>
><br>
> _______________________________________________<br>
> RPD mailing list<br>
> <a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a><br>
> <a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="https://lists.afrinic.net/pipermail/rpd/attachments/20200104/a1cf786d/attachment.html" rel="noreferrer" target="_blank">https://lists.afrinic.net/pipermail/rpd/attachments/20200104/a1cf786d/attachment.html</a>><br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
_______________________________________________<br>
RPD mailing list<br>
<a href="mailto:RPD@afrinic.net" target="_blank">RPD@afrinic.net</a><br>
<a href="https://lists.afrinic.net/mailman/listinfo/rpd" rel="noreferrer" target="_blank">https://lists.afrinic.net/mailman/listinfo/rpd</a><br>
<br>
<br>
------------------------------<br>
<br>
End of RPD Digest, Vol 160, Issue 5<br>
***********************************<br>
</blockquote></div>