Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Oleg Muravskiy
Hi Christopher, Christopher Morrow wrote: Comment 1 (also related with 44): I agree that ISPs may operate caches on behalf of end-user ASNs, but also I think that more than 1 cache may be operated by a single ISP. Imagine a global ASN operator with routers in several places. Are they going to

Re: [sidr] DDoS mitigation example (was: RE: comments on the repository analysis I-D)

2013-03-21 Thread Heather Schiller
..in line.. On Wed, Mar 20, 2013 at 10:57 PM, Danny McPherson da...@tcb.net wrote: On Mar 20, 2013, at 7:23 PM, Sriram, Kotikalapudi kotikalapudi.sri...@nist.gov wrote: The DDoS mitigation example was discussed before. It appeared there was a reasonable solution. Please see this post:

Re: [sidr] Princeton University:: Impacting IP Address Reachability via RPKI Manipulations

2013-03-21 Thread Shane Amante
On Mar 20, 2013, at 2:35 PM, Murphy, Sandra sandra.mur...@sparta.com wrote: Speaking as regular ol' member That all depends on the policy undertaken by each specific provider, doesn't it? How can you tell the difference between a route with no ROA because the registry has decertified, and a

Re: [sidr] Princeton University:: Impacting IP Address Reachability via RPKI Manipulations

2013-03-21 Thread Shane Amante
On Mar 21, 2013, at 8:36 AM, Randy Bush ra...@psg.com wrote: randy, who is not learning anything else new from this rinse repeat So, you're stating that operator input wrt impacts the RPKI will have on their networks is not useful to SIDR? OK, got it. -shane

Re: [sidr] Princeton University:: Impacting IP Address Reachability via RPKI Manipulations

2013-03-21 Thread Randy Bush
randy, who is not learning anything else new from this rinse repeat So, you're stating that operator input wrt impacts the RPKI will have on their networks is not useful to SIDR? OK, got it. no. i am saying nobody seems to be saying anything that has not already been said. but if you're

Re: [sidr] Princeton University:: Impacting IP Address Reachability via RPKI Manipulations

2013-03-21 Thread Murphy, Sandra
randy, who is not learning anything else new from this rinse repeat So, you're stating that operator input wrt impacts the RPKI will have on their networks is not useful to SIDR? OK, got it. Randy said nothing new, not nothing. --Sandy, speaking as regular ol' member.

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Christopher Morrow
On Thu, Mar 21, 2013 at 6:09 AM, Oleg Muravskiy o...@ripe.net wrote: Hi Christopher, Christopher Morrow wrote: Comment 1 (also related with 44): I agree that ISPs may operate caches on behalf of end-user ASNs, but also I think that more than 1 cache may be operated by a single ISP. Imagine a

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Randy Bush
In our analysis we associate number of CAs in the global RPKI with the number of distinct IP resource holders. sure, and as a proxy for that 'AS Operator', it's not a 1:1 correlation to be sure but it should be reasonably close, no? do we have anything other than conjecture on which to base

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Christopher Morrow
On Thu, Mar 21, 2013 at 11:43 AM, Randy Bush ra...@psg.com wrote: In our analysis we associate number of CAs in the global RPKI with the number of distinct IP resource holders. sure, and as a proxy for that 'AS Operator', it's not a 1:1 correlation to be sure but it should be reasonably close,

Re: [sidr] DDoS mitigation example (was: RE: comments on the repository analysis I-D)

2013-03-21 Thread joel jaeggli
On 3/20/13 7:57 PM, Danny McPherson wrote: On Mar 20, 2013, at 7:23 PM, Sriram, Kotikalapudi kotikalapudi.sri...@nist.gov wrote: The DDoS mitigation example was discussed before. It appeared there was a reasonable solution. Please see this post:

Re: [sidr] Princeton University:: Impacting IP Address Reachability via RPKI Manipulations

2013-03-21 Thread Sharon Goldberg
Thanks for the interest in our work. We wanted to clarify a few points: -- We have a technical report, which contains motivation and details that the slide deck does not. See http://www.cs.bu.edu/~goldbe/papers/RPKImanip.pdf -- As we point out in the paper (and as John Curran, Carlos, and others

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Randy Bush
I have, a model that says: If you want to publish a ROA, you need to have a CA and you need to run a publication point land this a roa and a CA). Wherever did you get that? what is the ratio of hosted LIRs to delegated today? -- phone email, so sucky

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Christopher Morrow
On Thu, Mar 21, 2013 at 1:55 PM, Randy Bush ra...@psg.com wrote: I have, a model that says: If you want to publish a ROA, you need to have a CA and you need to run a publication point land this a roa and a CA). Wherever did you get that? I figured in the worst case you'd end up with 1:1... I

Re: [sidr] DDoS mitigation example (was: RE: comments on the repository analysis I-D)

2013-03-21 Thread Danny McPherson
On 2013-03-21 10:45, joel jaeggli wrote: Might work for Joel, not me... That's entirely possible. I was only filtering through my experience as one customer. Yep, I concur, hence my comment :-) We have _lots of customers with varying requirements and capabilities, not that that's in scope

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Stephen Kent
Chris, ...most likely you are not... I think I jump to 'CA == REPO == AS-Operator == ASN allocated' because lacking any direct data otherwise it seems like a good estimation of numbers. Essentially each ASN allocated is going to be a repository that needs to be gathered, right? If there are 10%

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Chris Morrow
On 03/21/2013 04:11 PM, Stephen Kent wrote: Chris, ...most likely you are not... I think I jump to 'CA == REPO == AS-Operator == ASN allocated' because lacking any direct data otherwise it seems like a good estimation of numbers. Essentially each ASN allocated is going to be a repository

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Chris Morrow
On 03/21/2013 04:15 PM, Stephen Kent wrote: Chris, On Thu, Mar 21, 2013 at 11:43 AM, Randy Bush ra...@psg.com wrote: In our analysis we associate number of CAs in the global RPKI with the number of distinct IP resource holders. sure, and as a proxy for that 'AS Operator', it's not a 1:1

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Christopher Morrow
On Thu, Mar 21, 2013 at 4:42 PM, Danny McPherson da...@tcb.net wrote: On 2013-03-21 14:29, Chris Morrow wrote: TODAY it reduces the number, yes. 100% agree. TOMORROW the number of repositories, even those which are 'hosted' will be split up by name and/or ip-address... I have a feeling

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Christopher Morrow
On Thu, Mar 21, 2013 at 5:42 PM, Danny McPherson da...@tcb.net wrote: so, to me, this is just 'more objects with a tight(er) timeframe on delivery' right? meaning: today you have (for sake of the conversation) relatively static content in the repository, where data changes 1/2/3

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Danny McPherson
true, but the repository conversation stops at: all gatherers in the system have the data inside each ASN it's really up to the ASN operator to get from gatherer - cache - router in a 'timely fashion'. If you're signing a route with something, and your upstreams are signing their secure

Re: [sidr] comments on the repository analysis I-D

2013-03-21 Thread Randy Bush
So far the 1,300+ folks who have signed up for managed CA services have also let the RIRs manage their pub points, which dramatically reduces the number of repositories. That could change over time, e.g., if these this is measurement TODAY it reduces the number, yes. 100% agree. TOMORROW