<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 12 Jun 2021, 15:23 Job Snijders via RPD, <<a href="mailto:rpd@afrinic.net" target="_blank" rel="noreferrer">rpd@afrinic.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Sat, Jun 12, 2021 at 01:18:39PM +0200, <br>
<br>
When analysing cybersecurity proposals, we have to gauge the reward/risk<br>
ratio, and based on my experiences so far with RPKI, this policy does<br>
not look good. We should not create a situation where the consequences<br>
of small errors are amplified into internet-wide outages.<br>
<br>
Kind regards,<br>
<br>
Job<br>
<br>
[1]: <a href="https://www.ripe.net/support/service-announcements/rpki-roas-deleted-for-some-legacy-resources" rel="noreferrer noreferrer noreferrer" target="_blank">https://www.ripe.net/support/service-announcements/rpki-roas-deleted-for-some-legacy-resources</a></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Hi Job</div><div dir="auto"><br></div><div dir="auto">From the link above..... I read</div><div dir="auto"><br></div><div dir="auto">‐--------</div><div dir="auto"><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)"><span style="font-weight:700">Update at 17:00 (UTC +1):</span> The resources are certifiable in the Registry again. We are currently recreating the deleted ROAs.</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)"><span style="font-weight:700">Update at 17:10 (UTC+1):</span> The deleted ROAs have been recreated and the issue has been resolved. If you experience any further issues, please contact our.....</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)">-------------</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)">While this was resolved within 10mins, were there measures put in place by the NCC as mitigation process to curb a repeat of the incident?</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)">What can be done better in terms of implementation process. Should it involved an approval process that goes beyond a single warm-body, some sort of Change Management Process that takes consideration Org governance/Management.</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)">Just curious....</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)">Noah</p><p style="margin:0px 0px 12px;max-width:700px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:14.3px;background-color:rgb(255,255,255)"><br></p></div><div dir="auto"></div></div>