[routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
- Previous message (by thread): [routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
George Michaelson
ggm at algebras.org
Tue May 26 03:04:20 CEST 2020
> and will all rirs issue an as0 for 10/8? nice. at least, if i use net > 10 internally, my local root ca's roas for it will override your 5 or > whatever as0 roas. This is a good operating model I think. If I wanted some assurance of internal intent, I would do this. A SLURM file is simpler, less overhead, but I would probably do what you are doing here. (I don't have this burden, I don't operate routing-active systems) > > We proposed this during initial deployment to ensure we had a > > make-before-break outcome for relying parties, but it does reduce > > uptake (during the test period at best <100 people have participated) > > perhaps because ops seem disinclined to complex tal management. Yes. I think thats very likely but we are talking about a small number at this stage, the distinction here being what is included in s/w distribution for most people. > > If we include the AS0 under the mainline TAL, then this is 'opt out' > > behaviour for RP's (they would have to do conscious work e.g. locally > > managed SLURM) to re-validate prefixes, rather than opt-in. > > back to an unauthenticated slurm, eh? Well caught. I think use of this kind of "magic override" is not the first preference, but its logistically simple. I don't like the model of sourcing a SLURM file from outside. Its a local-override mechanism. Di Ma published how to distribute slurm over trusted communications, and I commented about how I still feel uncomfortable about the lack of validation in what SLURM says. > > randy, who also did not like or use the dnssec dlv hack Neither did I FWIW. -G
- Previous message (by thread): [routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]