[address-policy-wg] Policy update request on certification of transferred IPv4 allocations
- Previous message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
- Next message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
McTim
dogwallah at gmail.com
Thu Feb 21 13:46:37 CET 2013
On Thu, Feb 21, 2013 at 4:23 AM, Andrew de la Haye < ripencc-management at ripe.net> wrote: > [Apologies for duplicate emails] > > Dear colleagues, > > Based on recent discussions on the RIPE Address Policy WG mailing list, > the RIPE NCC is now seeking policy related action from the RIPE > community with regards to clear guidelines on how it should proceed with > certifying transferred IPv4 allocations. > > It has recently come to our notice, via two of the policy authors, that > the original intention (in 2007) of the sentence "Re-allocated blocks > will be signed to establish the current allocation owner" was that the > transferred block *must* be signed *after* the transfer in order to > completely establish holdership. > > This sentence can be found under section 5.5 of "IPv4 Address Allocation > and Assignment Policies for the RIPE NCC Service Region" here: > http://www.ripe.net/ripe/docs/ripe-582#Transfers-of-Allocations > > Because the RIPE community provided guidance saying that certification > should be an opt-in system, the RIPE NCC built an RPKI Certification > system based on this opt-in notion, therefore it is not currently > possible for the RIPE NCC to issue certificates without the resource > holder initiating the process. > > Therefore, the RIPE NCC's interpretation and implementation of this > specific sentence has been: > > Registration Services verifies and reflects the change in holdership of > the re-allocated blocks by updating the database objects and internal > records following the transfer. Any certificates that had been attached > to these number resources before the transfer automatically become > invalid/revoked due to the holdership change. The transfer recipient can > then request a new certificate for the address space and the RIPE NCC > will proceed to sign these resources to establish the current allocation > holder. > > Therefore, the RIPE NCC does not make certification of any resources > mandatory. > > As the sentence in section 5.5 of "IPv4 Address Allocation and > Assignment Policies for the RIPE NCC Service Region" is open to > interpretation, the RIPE NCC is seeking representative(s) from the RIPE > community to submit an update to ripe-582 that will replace this > sentence with more accurate and appropriate wording or perhaps remove it > completely. > How about replacing; "Re-allocated blocks will be signed to establish the current allocation owner." with: "Re-allocated blocks will be signed to establish the current allocation holder if the receiving party chooses." ?? -- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/address-policy-wg/attachments/20130221/5872ca99/attachment.html>
- Previous message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
- Next message (by thread): [address-policy-wg] Policy update request on certification of transferred IPv4 allocations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]