Re: [sidr] Request for WG Last Call for draft-ietf-sidr-bogons-02.txt and draft-ietf-sidr-roa-validation-01.txt

[Andrew Newton <andy@hxr.us>]

On Dec 2, 2008, at 7:24 PM, Stephen Kent wrote:

> An AS 0 ROA is a positive assertion about the prefixes expressed in  
> it, as far as RP software is concerned. The "feature" of this  
> assertion is that, any unauthenticated assertions about the prefixes  
> should be rejected in favor of this verifiable ROA (assuming that  
> the ROA was signed by an entity that holds the prefixes in  
> question). In saying that I am making some assumptions about how ROs  
> use ROAs, and Danny has argued that we need to be more precise about  
> such assumptions.
>
> I see the AS 0 ROA as a valuable tool to deal with unallocated and  
> reserved address space, during the very long period when relying  
> parties will see a mix of verifiable and unverifiable assertions  
> about route origination. I have not thought so much about the  
> utility of this capability in a fully deployed system. I also did  
> not consider assertions about AS numbers, a feature of BOAs.

Steve,

Sorry for the late reply on this subject, but I was rereading the  
archives and it brought to my recollection a statement you made at the  
microphone in Minneapolis regarding AS 0 ROAs.  I didn't readily grasp  
the meaning of what you said, so I'm seeking clarification.

As I recall, you stated that a registry wishing to use a BOA to cover  
its space could just as well use AS 0 ROAs with a different practice.   
Whenever that registry allocated space, it would have to reissue the  
AS 0 ROAs so the newly allocated space is not covered.  At least I  
think that was the gist of what you described.

Is this correct, or can you explain again the scenario you mentioned?

-andy
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr