On Mon, Nov 28, 2011 at 5:13 PM, Stephen Kent <[email protected]> wrote:
> At 10:09 PM -0500 11/21/11, Danny McPherson wrote:
>>
>> ...
>>
>> > I don't understand all of the words above.
>>
>> Apologies for the loose terminology here. Try this:
>>
>> AS1 --- ISP1 (AS2) --- ISP2 (AS3) --- AS4
>>
>> In the case of LTA, if these four parties wish to transact, their
>> constraints files (or shared "non-putative" RPKI TAs) must be familiar
>> and synchronized with each other via some out-of-band mechanism - i.e.,
>> they either have to:
>>
>> 1) synchronize LTA contents across the set
>> 2) share a common non-putative TA that magically does this
>>
>> and in doing so, they likely would want to constrain what a TA is
>> allowed to assert, via a constraints file, as noted above?
>>
>> That is, LTA for the local AS doesn't fix the
>> multi-AS/multi-administrator/RP issue, and so some synchronization or
>> shared non-putative TA needs to be developed if they desire autonomy
>> outside of the putative set. Is that correct?
>
> The original model for an LTA was, as the name suggests, local, hence
> just one AS. However, it is easy to extend that model to encompass a set
> of ASes under the same admin control. In that case, the set of ASes all
> agree to accept the RPKI "view" managed by some entity in control
> (relative to the set of ASes).
>
> In your example are all of the ASes independent? You say that they want
> to "transact their constraints file" but you didn't say why, nor what
> the relationships might be among the constraints file for each AS.
I think Danny's example (as explained off-line in Taipei) was something like:

o 3 cooperating ASNs (say: 701, 7018, 2914)
o one customer on either side of the 3 ASNs (a-widget-maker && a-widget-user/customer)
o All have RPKI + BGPSEC deployed
o the 'blackhelicopters of forgotten payment' arrive at ARIN's doorstep and remove the Registration data for a-root/24.

For a-widget-customer to still access a-widget-maker, all of the intermediate ASNs (and a-widget-customer even) will have to enter into their LTAs some bogus/temporary certificate data... Or, I suppose, they could just wing it on 'not validated' but still the only prefix-in-town?

I think Danny's proposing some federation of LTAs under distributed control where these folks all agree that "a-widget-maker/24 is still a-ok by us!".

-chris
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
