You should take this conversation to the folk at Google. They are
pushing really hard for IRR objects.
On 25 Apr 2019, at 16:01, Randy Bush wrote:
The point is: if you pull the RPKI stuff and build the RPLS stuff
locally, you *know* that all data is trusted and hasn't been modified
(because everything coming from extern is signed and can be
validated).
if everybody had digested security 101, the internet might not be the
dumpster fire it is today :)
but this stuff is intuitive only if one has a twisted mind. so i
blame
myself for explaining inadequately. that part is tough too.
randy
