WG Chair Hat OFF
On 17/11/2008, at 6:49 AM, Randy Bush wrote:
iana issues a boa for 0/0
This appears to be a very fanciful notion to me.
it was iana's first intent, and, from an ops pov, dead obvious. see
rfc
3330.
Either your copy of RFC3330 is different from my copy of RFC3330, or
you are putting an interpretation on the white spaces in that document
that entirely unobvious and opaque to me. I can't see IANA claiming in
RFC3330 that 0/0 is a bogon. Do you want me to send you my copy of
RFC3330 to check that we are referring to the same document here?
i announce 0/0 to a bunch of my downstreams
in case any of them do validation, i have to issue a roa for 0/0
where do i publish it?
wherever you want - assuming that some relying party has chosen to
use
the certificate you issue as a TA.
i just don't think i want to be authoritative for 0/0.
the choice of TAs is a relying party choice - You can do whatever you
want and unless I am prepared to nominate your assertions as something
I, as a relying party, am prepared to trust, then whatever you chose
to do is your problem.
and i do not
think we want a hundred or two roas for 0/0 in the public rpki.
I think you may have a basic misunderstanding of the trust model for
this PKI - your use of the term "in the public RPKI" conjoined with "a
hundred or two roas for 0/0" is a somewhat fanciful conjunction,
unless of course you are advocating that relying parties use a
universal acceptance policy for nominated TAs, in which case the
entire concept of a "public RPKI" is a complete waste of time.
boas are not a path that is prudent to follow.
So you are claiming. Others have different views and have backed them
up with documents and reasoning to support their views.
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
