[RPKI-Discuss] [routing-wg] RPKI Route Origin Validation on RIPE NCC Network

[Musa Stephen Honlue]

Hi 

Sent from my iPhone


> On 3 Jun 2021, at 22:24, Patrick Okui <pokui at psg.com> wrote:

> 

> 

> On 3 Jun 2021, at 21:18 EAT, Carlos M. Martinez wrote:

> 

> So, IMO, ROV (either rejecting invalids or doing what you think is appropriate) is a distinct operation from creating ROAs and I believe that at this point in time every resource holder should be creating their ROAs, but implementing ROV is something that it might or might not make sense to a particular network.

> 

> Agreed, which is why I said “in general”. Security researchers for example may want to ignore “valids” and mostly concentrate on “invalids”.

> 

> However, if in general my ROAs do not result in a decent possibility that a hijack will be dropped (until I go kicking and screaming) then I have less incentive to create them. This is the chicken and egg issue I’ve faced when preaching ROA generation.

> 

I fully agree here.

I mean, what is the essence of creating ROAs if no one is using them to stop propagating hijacks?

> 

> -- 

> patrick

> 

> _______________________________________________

> RPKI-Discuss mailing list

> RPKI-Discuss at afrinic.net

> https://lists.afrinic.net/mailman/listinfo/rpki-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpki-discuss/attachments/20210604/b23e3195/attachment.html>