In message <[EMAIL PROTECTED]> Sandra Murphy writes: > > [---8<---snip---] > > > The > > idea is can we get a similar security with the current infrastructure, > > by doing minor improvements. There is a certain cost involved with the > > SIDR infrastructure. > > No, we cannot get similar security with current infrastructure, even with > MAJOR improvements to the security of the current infrastructure. The > structure of the current infrastructure does not permit similar security > to what the RPKI provides. > > Unless, of course, you want to add all RPKI features to the IRR model, so > that the IRR becomes the same as the RPKI. Of course, you adopt the cost > as well. > > --Sandy
Sandy, Would you please enumerate those things that the IRR model does not support after reading RFC2725 and RFC2769. Note that RFC2769 has not been implemented but would provide the missing functionality (ability to authenticate information held in other registries). It also provides efficient replication of databases so anyone can have a local copy of any database of interest to improve query time. I am not advocating going in that direction, simply pointing out that SIDR to a large extent reinvents the wheel. If anything I think SIDR not implementing the full RPSL semantics is deficient. Curtis _______________________________________________ Sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
