Geoff, [No hat. Really. Personal opinion only]
On Dec 4, 2008, at 10:50 PM, Geoff Huston wrote:
From time to time the IETF heads into areas where its role intersects with the roles of other bodies,
Yep. Like (say) IPv6 and IPSEC requirements and the interaction with national crypto laws where the decision was made to choose the technically correct solution in the face of concerns that national laws would make deployment more difficult or even impossible (I remember a particularly interesting plenary in Danbury where that topic was 'discussed')...
The draft is not advocating that IANA does, or does not do any particular action with respect to the publication of TA material.
[many, many words elided]
A little more of that form of rational process would, I believe, assist the SIDR WG to make the appropriate call here as well.
This may come as a surprise, but I do not necessarily disagree with what you have said. Because of personal experience, I am probably more aware of the political ramifications of single root issues than most here and as a result can see arguments both ways as to appropriate directions to take regarding trust anchor(s).
However, I am unaware of any public discussion in which those trust anchor issues have been broached much less addressed. In the case of DNSSEC, there was little, if any, discussion about the operational realities of attempting to deploy DNSSEC including trust anchor issues and IANA's role. As a (arguably) direct result, we're now 12 years into deployment and have gotten minimal traction. It would be tragic to repeat that particularly sad history with RPKI. Presumably, the goal here is to get something that can actually be deployed...
I would gently suggest that attempting to ignore the politically sensitive issues (whether they be national politics or ICANN/RIR politics) by not addressing the underlying cause of those issues is leading us down the exact same potentially non-terminal path you express concerns about (particularly when the NRO representative at the ICANN meeting waves a bouquet of red flags at the assembled governance officials during the plenary and when it becomes a topic of discussion and not necessarily in a good way (I'm told) at the IGF). The ant mound has already been stirred. Pretending you're not covered in honey is unlikely to have a positive outcome.
If you wish to argue that the treatment of trust anchors should not be in the res-certs draft, that's fine as long as you follow it up with 'it should be in X' (and you define 'X' :-)). I believe it important that there be an open discussion about the pros and cons of the various trust anchor models and any recommendation be made in a transparent manner. I reiterate my belief that if IANA is going to be a participant in a trust anchor or anchors, it needs to be called out explicitly in the IANA Considerations section, but that's merely my opinion (like the entirety of this note).
FWIW. Regards, -drc _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
