Re: [arin-tech-discuss] Who can generate ROAs when a holder reassigns or reallocations address space?

Mon, 24 Jun 2024 07:52:34 -0700 

I like that idea.  I was thinking along the same lines.
When a prefix is delegated, associate a Routing POC with the prefix which would be allowed to generate ROAs and IRR objects. If no association is made, only the parent can take these actions.
Question- do you think the delegating/parent holder should be allowed to generate ROAs if there is a downstream Routing POC? 

On 6/24/2024 10:08 AM, David Farmer wrote:

I wonder if a tactic to address this issue is expanding the use of the
Router POC. Maybe a Router POC could be created at the resource level or
with a Detailed Reassignment instead of a Router POC at the Organization
Level, providing a fine-grained mechanism to delegate control of ROA and
IRR.

Just a thought.

On Mon, Jun 24, 2024 at 8:34 AM Andrew Gallo <[email protected]> wrote:


If a holder of address resources reassigns or reallocates a portion of
that space, who can create an RPKI ROA?  The original holder (parent),
the downstream org that has the delegated portion of the space?

The three options for reassignment/reallocation are
      Simple Reassignment
      Detailed Reassignment
      Reallocation
(definitions below)

Based on my reading, Simple Reassignment allows only the 'parent' (or
delegating) org allowed to create ROAs.  But what about Detailed?  The
downstream org can have POCs and maintain reverse nameserver records.
Can they also generate ROAs or IRR objects?

What about Reallocation?

Thank you.




Simple Reassignment
     Use this option if you will manage abuse and network contacts for
your customer.

Detailed Reassignment
     Use this for a downstream organization that needs to maintain its
own reverse nameservers and/or separate Point of Contact (POC)
information.

Reallocation
     Use this for a downstream organization that needs to maintain its
own reverse nameservers and/or separate Point of Contact (POC)
information and make reassignments of IP addresses to its own customers.


_______________________________________________
arin-tech-discuss mailing list
[email protected]
https://lists.arin.net/mailman/listinfo/arin-tech-discuss

Attachment: OpenPGP_0x1C61021F8B5942A2.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

_______________________________________________
arin-tech-discuss mailing list
[email protected]
https://lists.arin.net/mailman/listinfo/arin-tech-discuss

Reply via email to