Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2019-10-20 Thread Job Snijders
Dear ARIN Board of Trustees, staff, and community! Reviving an old thread, I’d still like this to be resolved :-) It is my understanding that the ARIN RPKI TAL currently is a hot topic for the Board of Trustees. I can see a lot of effort is being put in to get to a point to make a fully informed

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-03-21 Thread John Curran
On 20 Mar 2017, at 7:58 PM, Job Snijders wrote: > > Dear John, > > On Tue, Jan 31, 2017 at 09:42:50PM +, John Curran wrote: >> On 30 Jan 2017, at 3:14 PM, Job Snijders wrote: Is it the presence of legal constraints that it is the concern, or the fact

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-03-20 Thread Job Snijders
Dear John, On Tue, Jan 31, 2017 at 09:42:50PM +, John Curran wrote: > On 30 Jan 2017, at 3:14 PM, Job Snijders wrote: > >> Is it the presence of legal constraints that it is the concern, or > >> the fact that ARIN requires explicit downloading (and thus > >> awareness of this

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread William Herrin
On Fri, Feb 3, 2017 at 5:23 PM, Owen DeLong wrote: > Since ARIN is the registry, there’s really no other authoritative source > for the information. > > As such, nobody else is in a proper position to certify the resource holdings. Hi Owen, ARIN openly publishes sufficient

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread Owen DeLong
> On Feb 3, 2017, at 07:47 , William Herrin wrote: > > On Fri, Feb 3, 2017 at 3:49 AM, Job Snijders wrote: >> Please keep in mind that this thread was about removing barriers, to >> enable RPKI innovation. > > Hi folks, > > Is ARIN the right place for an RPKI

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread William Herrin
On Fri, Feb 3, 2017 at 3:06 PM, John Curran wrote: >RIPE’s handling of legacy resource holders is different from ARIN’s, >in that ARIN requires that legacy resource holders wishing to receive >additional services sign the RSA and pay legacy maintenance fees. > >

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread John Curran
On 3 Feb 2017, at 2:46 PM, Richard J. Letts wrote: > > From: ARIN-PPML [mailto:arin-ppml-boun...@arin.net] On Behalf Of William > Herrin >> Sent: Friday, February 3, 2017 9:29 AM > ... >> Exactly. You refuse to provide new services related to legacy resource >> holdings,

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread Richard J. Letts
From: ARIN-PPML [mailto:arin-ppml-boun...@arin.net] On Behalf Of William Herrin > Sent: Friday, February 3, 2017 9:29 AM ... > Exactly. You refuse to provide new services related to legacy resource > holdings, including RPKI. While not unreasonable in the context of ARIN > operations, this is

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread William Herrin
On Fri, Feb 3, 2017 at 2:20 PM, John Curran wrote: > On 3 Feb 2017, at 12:29 PM, William Herrin wrote: >>> As you are aware, we provide legacy resource holders the same registry >>> services (including ability to update Whois contact info, reverse DNS, etc.) >>>

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread John Curran
On 3 Feb 2017, at 12:29 PM, William Herrin wrote: >> As you are aware, we provide legacy resource holders the same registry >> services (including ability to update Whois contact info, reverse DNS, etc.) >> that they received at ARIN’s formation, and that is done no charge and

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread William Herrin
On Fri, Feb 3, 2017 at 11:13 AM, John Curran wrote: > On 3 Feb 2017, at 10:47 AM, William Herrin wrote: >> Is ARIN the right place for an RPKI registry? They seem... reluctant. > ARIN is actually quite active in development, promotion, and support > of RPKI

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread John Curran
On 3 Feb 2017, at 10:47 AM, William Herrin wrote: > > Is ARIN the right place for an RPKI registry? They seem... reluctant. ARIN is actually quite active in development, promotion, and support of RPKI services – please do not confuse having appropriate legal agreements with

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread John Curran
On 3 Feb 2017, at 8:15 AM, LOOS Eric (BCS/CBU) > wrote: IANAL, but I have worked enough with our legal department to see some red flags in the RPA: - Possibility for on-sided modifications of the T with automatic acceptance thereof -

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread William Herrin
On Fri, Feb 3, 2017 at 3:49 AM, Job Snijders wrote: > Please keep in mind that this thread was about removing barriers, to > enable RPKI innovation. Hi folks, Is ARIN the right place for an RPKI registry? They seem... reluctant. It's not just the data for relying parties; they

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-03 Thread LOOS Eric (BCS/CBU)
Cc: arin-ppml@arin.net Subject: Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement? On 1 Feb 2017, at 4:01 AM, Job Snijders <j...@ntt.net<mailto:j...@ntt.net>> wrote: I am certain that an appropriate (and equally short) wget command could suffice technically for installing ARIN’s T

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-02 Thread Owen DeLong
> On Feb 1, 2017, at 00:48 , Job Snijders wrote: > > Hi Owen, > > On Tue, Jan 31, 2017 at 06:41:39PM -0800, Owen DeLong wrote: >> RPKI doesn’t secure BGP. >> >> All it does is provide a cryptographically signed mechanism by which >> you can suggest what ASN should be forged as

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-01 Thread John Curran
On 1 Feb 2017, at 4:01 AM, Job Snijders > wrote: I am certain that an appropriate (and equally short) wget command could suffice technically for installing ARIN’s TAL, but including such in a script (or including the TAL directly in the source code repository)

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-02-01 Thread Job Snijders
On Tue, Jan 31, 2017 at 09:42:50PM +, John Curran wrote: > On 30 Jan 2017, at 3:14 PM, Job Snijders wrote: > > > >> Is it the presence of legal constraints that it is the concern, or the > >> fact that ARIN requires explicit downloading (and thus awareness of > >> this fact)

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-01-31 Thread Owen DeLong
RPKI doesn’t secure BGP. All it does is provide a cryptographically signed mechanism by which you can suggest what ASN should be forged as the origin of a route that you want to hijack. Owen > On Jan 31, 2017, at 16:58 , William Herrin wrote: > > On Tue, Jan 31, 2017 at 4:42

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-01-31 Thread William Herrin
On Tue, Jan 31, 2017 at 4:42 PM, John Curran wrote: > ARIN’s Board of Trustees has been quite consistent in its position that > RPKI services are to be offered under clear terms and conditions Then it is the Board's position that BGP shall not be secured. Imagine if you had to

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-01-30 Thread William Herrin
On Mon, Jan 30, 2017 at 2:49 PM, John Curran wrote: >Is it your belief that other RIRs presently make these materials > available without >legal constraints? A quick review would show that is not the case; for > example, >access RIPE’s RPKI CA repository data binds

Re: [arin-ppml] Revisit RPKI TAL Relying Party Agreement?

2017-01-30 Thread Job Snijders
Dear John, On Mon, Jan 30, 2017 at 07:49:57PM +, John Curran wrote: > > On 30 Jan 2017, at 3:42 AM, Job Snijders > > > wrote: > > > > What stands out to me is that (as example) the RIPE NCC RPKI Validator > > ships with materials from all the RIRs, except