<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Revocation of an AS0 ROA takes the prefix from state INVALID to sate UNKNOWN.<div class=""><br class=""></div><div class="">The impact from this state transition is that the prefix goes from being rejected by virtually everyone doing active validation to being accepted by the vast majority of networks doing active validation.</div><div class=""><br class=""></div><div class="">Please explain the negative impact you perceive from this?</div><div class=""><br class=""></div><div class="">If your understanding of the situation is different from this, then please explain your understanding, because I’m pretty sure that’s what we’re talking about here.</div><div class=""><br class=""></div><div class="">Owen</div><div class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Feb 1, 2020, at 13:38 , Daniel Yakmut <<a href="mailto:yakmutd@googlemail.com" class="">yakmutd@googlemail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">
<div class=""><p class="">My perceptions and understanding can be different, but that
doesn't mean lack of understanding, because your effort at
explaining shows that my concerns touch on the subject of ROA.</p><p class=""> I have seen a similar opposing argument on the same policy
proposal in RIPE NCC. Possibly my argument was not clear enough,
but yes revocation can be impactful.</p><p class="">Simply,</p><p class="">Daniel<br class="">
</p><p class=""><br class="">
</p>
<div class="moz-cite-prefix">On 31/01/2020 7:03 am, Owen DeLong
wrote:<br class="">
</div>
<blockquote type="cite" cite="mid:F68DFB5F-4DFE-4F44-B1F4-CBBA04D1ED18@delong.com" class="">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">
<br class="">
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">On Jan 30, 2020, at 21:51 , Daniel Yakmut <<a href="mailto:yakmutd@googlemail.com" class="" moz-do-not-send="true">yakmutd@googlemail.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" class="">
<div class=""><p class="">I don't agree with your submission that; "All
of the “objections” I saw seemed to indicate a clear
lack of understanding of RPKI in general and the
proposal in specific."</p><p class=""> I particularly raised a concern "<span style="font-size:10.5pt;line-height:107%;font-family:
"Open
Sans",sans-serif;color:#333333;background:white" class="">The current state of RPKI infrastructure,
does not provide a sufficient period between
revocation of ROA and notification that a given prefix
has been allocated to an organization, which can
impact considerably on allocations. Except we can be
able to provide a sufficient period or create a
different procedure, the proposal for the RPKI-ROAs
does not fly"</span></p>
<div class=""><br class="">
</div>
</div>
</div>
</blockquote>
I’m not sure where to start with this… It clearly does indicate
a lack of understanding of both RPKI and of the proposed policy.</div>
<div class=""><br class="">
</div>
<div class="">RPKI in its current state can operate near real time. In
general, I believe operators are updating their caches at least
once every 24 hours.</div>
<div class=""><br class="">
</div>
<div class="">As such, a revocation would (in the vast majority of cases)
take effect within 24 hours of the block being issued.</div>
<div class=""><br class="">
</div>
<div class="">Further, a new ROA created by the recipient of a block would
override the less specific ROA issued by the RIR.</div>
<div class=""><br class="">
</div>
<div class="">The worst possible outcome of any such delay is that the AS0
ROA delays the useful deployment of a newly issued block. It
will not harm the continued use of an existing block.</div>
<div class=""><br class="">
</div>
<div class="">Such delay would be less than 24 hours in the vast majority
of cases. I don’t see this as a problem.</div>
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">
<div class=""><p class=""><span style="font-size:10.5pt;line-height:107%;font-family:
"Open
Sans",sans-serif;color:#333333;background:white" class="">and I did not receive any response from the
author(s), I suspect this is a concern that is
critical and important to possible adoption and
implementation this proposal</span></p>
</div>
</div>
</blockquote>
Interesting… I thought I recalled the authors responding to this
along the lines of what I stated above.</div>
<div class=""><br class="">
</div>
<div class="">
<blockquote type="cite" class="">
<div class="">
<div class=""><p class=""><span style="font-size:10.5pt;line-height:107%;font-family:
"Open
Sans",sans-serif;color:#333333;background:white" class="">However, I will agree that the author(s) may
have been overwhelm with the number of "objections"
raised and could not keep track of it and response,
hence I will suggest that the co-chairs could help by
summarising the objections for the action of the
author(s).</span></p>
</div>
</div>
</blockquote>
I don’t think your objection requires action by the authors. The
current process is adequate despite your claims to the contrary.</div>
<div class=""><br class="">
</div>
<div class="">Owen</div>
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">
<div class=""><p class=""><span style="font-size:10.5pt;line-height:107%;font-family:
"Open
Sans",sans-serif;color:#333333;background:white" class="">Simply.</span></p><p class=""><span style="font-size:10.5pt;line-height:107%;font-family:
"Open
Sans",sans-serif;color:#333333;background:white" class="">Dan<br class="">
</span></p>
<div class="moz-cite-prefix"><br class="">
</div>
<div class="moz-cite-prefix"><br class="">
</div>
<div class="moz-cite-prefix"><br class="">
</div>
<div class="moz-cite-prefix">On 31/01/2020 3:18 am, Owen
DeLong wrote:<br class="">
</div>
<blockquote type="cite" cite="mid:3D872B8A-4DBC-421C-A0A4-FE5D125E834D@delong.com" class="">
<pre class="moz-quote-pre" wrap="">I agree with Nishal, Jordi, and Frank.
All of the “objections” I saw seemed to indicate a clear lack of understanding of RPKI in general and the proposal in specific.
All of them raised concerns that simply don’t fit the facts of what is being proposed.
I did not see any legitimate or critical objections. If there is something I missed, please enumerate it (them) for the edification of the list.
Owen
</pre>
<blockquote type="cite" class="">
<pre class="moz-quote-pre" wrap="">On Jan 29, 2020, at 03:58 , Nishal Goburdhan <a class="moz-txt-link-rfc2396E" href="mailto:nishal@controlfreak.co.za" moz-do-not-send="true"><nishal@controlfreak.co.za></a> wrote:
On 29 Jan 2020, at 12:35, ABDULKARIM AYOPO OLOYEDE wrote:
</pre>
<blockquote type="cite" class="">
<pre class="moz-quote-pre" wrap="">Dear PDWG,
The following policy proposals have been on the Last call for about 4 weeks
1. Multihoming not required for ASN
2. Adjusting IPv6 PA Policy
3. RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space
However, we received some critical objections that should be addressed on
the policy named "RPKI ROAs for Unallocated and Unassigned AFRINIC Address
Space" therefore we believe it requires more discussion.
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">could you enumerate those “critical objections” please. that would help the authors to fix this for round two.
from my perspective, the last series of responses, came from a fundamental misunderstanding of what RPKI is, and how it works.
(bear in mind, that it’s not the authors’ - or this list’s - responsibility to explain RPKI ..)
-n.
_______________________________________________
RPD mailing list
<a class="moz-txt-link-abbreviated" href="mailto:RPD@afrinic.net" moz-do-not-send="true">RPD@afrinic.net</a>
<a class="moz-txt-link-freetext" href="https://lists.afrinic.net/mailman/listinfo/rpd" moz-do-not-send="true">https://lists.afrinic.net/mailman/listinfo/rpd</a>
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">_______________________________________________
RPD mailing list
<a class="moz-txt-link-abbreviated" href="mailto:RPD@afrinic.net" moz-do-not-send="true">RPD@afrinic.net</a>
<a class="moz-txt-link-freetext" href="https://lists.afrinic.net/mailman/listinfo/rpd" moz-do-not-send="true">https://lists.afrinic.net/mailman/listinfo/rpd</a>
</pre>
</blockquote>
</div>
</div>
</blockquote>
</div>
<br class="">
</blockquote>
</div>
</div></blockquote></div><br class=""></div></body></html>