[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[sig-routing] prop-059: Using the Resource Public Key Infrastructure to construct validated IRR data

To: APNIC Routing SIG <sig-routing@lists.apnic.net>
Subject: [sig-routing] prop-059: Using the Resource Public Key Infrastructure to construct validated IRR data
From: Philip Smith <pfs@cisco.com>
Date: Tue, 19 Aug 2008 10:53:29 +1000
Authentication-results: syd-dkim-1; header.From=pfs@cisco.com; dkim=pass ( sig from cisco.com/syddkim1002 verified; );
Delivered-to: sig-routing@clove.apnic.net
List-archive: <http://mailman.apnic.net/mailing-lists/sig-routing>
List-help: <mailto:sig-routing-request@lists.apnic.net?subject=help>
List-id: APNIC SIG on IP routing technology and policy issues <sig-routing.lists.apnic.net>
List-post: <mailto:sig-routing@lists.apnic.net>
List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-routing>, <mailto:sig-routing-request@lists.apnic.net?subject=subscribe>
List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/sig-routing>, <mailto:sig-routing-request@lists.apnic.net?subject=unsubscribe>
Organization: Cisco Systems
User-agent: Thunderbird 2.0.0.16 (Macintosh/20080707)

________________________________________________________________________

prop-059: Using the Resource Public Key Infrastructure to construct
           validated IRR data
________________________________________________________________________


Dear SIG members

Below is a summary of discussions on the proposal to date. We encourage
you to continue discussions on the mailing list before APNIC 26.

Regards,
Philip, Randy & Tomoya


Proposal summary
----------------

This is a proposal to introduce a new registry that augments Internet
Routing Registry (IRR) data with the formally verifiable trust model of
the Resource Public Key Infrastructure (RPKI) and provides ISPs with the
tools to generate an overlay to the IRR, which is much more strongly
trustable.

The proposal is currently under discussion in the RIPE region and has
been submitted to the ARIN Consultation and Suggestion Process.


Discussion statistics
---------------------

Posted to Routing SIG mailing list:            3 April 2008

Number of posts:                               7

Number of people participating in discussions: 4


Summary of discussions to date
------------------------------

- It was observed that the proposed way of implementing resource
   certification would move the complexity of cryptography to the APNIC
   Secretariat and leave operators able to more easily manage the signed
   data using the familiar format of an Internet Routing Registry.

- It was noted that long-term, operators should be encouraged to take
   on the cryptographic verification themselves.

- Potential disadvantages would be increased workload on the Secretariat
   and potential confusion arising from having two IRRs: one being the
   original non-certified resources and the other containing certified
   resources.


Full details of the proposal, including links to previous discussions
of it at earlier APNIC meetings, can be found at:

      http://www.apnic.net/policy/proposals/prop-059-v001.html

Prev by Date: [sig-routing] Monthly List Reminder
Next by Date: [sig-routing] withdraw prop-059 - Using the Resource Public Key Infrastructure to construct validated IRR data
Previous by thread: [sig-routing] Monthly List Reminder
Next by thread: [sig-routing] withdraw prop-059 - Using the Resource Public Key Infrastructure to construct validated IRR data
Index(es):
- Date
- Thread