On Thu, Sep 15, 2022 at 7:32 PM Rubens Kuhl <[email protected]> wrote: > On Fri, Sep 16, 2022 at 9:46 AM William Herrin <[email protected]> wrote: > > On Thu, Sep 15, 2022 at 4:07 PM Randy Bush <[email protected]> wrote: > > > > You could try suggesting IANA/PTI/ICANN to have a different RPKI trust > > > > anchor and provide such services to legacy block holders. > > > > > > the rpki design cabal assumed the iana would be the rpki root. rir > > > power players blocked that. so each rir is 0/0. brilliant, eh? > > > > Which means that all you'd need is a volunteer group with "street > > cred" to set up an RPKI for legacy holders and then convince folks to > > use their trust anchor too. Or have I missed something? > > Merit, perhaps ? > > But they would need to do a much stricter validation that they > currently have in RADB, which is more like Sledgehammer motto "Trust > me, I know what I'm doing".
Hi Rubens, Last I checked, Merit was -really- expensive for RADB. I don't really see getting more than about 5 figures total per year out of the legacy registrants for RPKI, if that much. I think it'd have to be a volunteer effort or something funded by someone who finds it to their advantage that the legacy registrants publish RPKI records. Like the way Letsencrypt is funded. Regards, Bill Herrin -- For hire. https://bill.herrin.us/resume/
