At 10:49 AM -0500 11/29/11, Danny McPherson wrote:
> On Nov 29, 2011, at 10:36 AM, Christopher Morrow wrote:
>> I think this last bit gets at danny's concern (after the 'but every
>> asn in the path has to agree that the root is wrong' bit)... lots more
>> complexity here is not helpful :(
> Yes.
> -danny
The characterization above is not quite right, but close :-).
The fundamental notion of LTA is that each RP is the "root." That's a
good model for PKIs in general, not just the RPKI, as it allows an RP to
accept putative roots and impose constraints on them. (This is the
opposite of the browser model.) But, as in most of life, TANSTAAFL. The
3779 extensions that help ensure that a misbehaving CA is limited in the
extent of the damage it can inflict on the rest of the RPKI also make it
more complex to use the generic LTA model.
It is accurate to say that when an RP wants to adopt a different view of
the RPKI, there is more work involved. Hierarchies are often adopted
because they make it easier to organize and to distribute a workload.
So, there is a tradeoff, intrinsically, when an RP wants to pick and
choose data from a hierarchy. If a set of ASes want to let some third
party do all of this for them, then they could use the LTA mechanisms to
do that, in a trivial fashion. But that approach gives up all local
control, and so it has its own downside.
Steve
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
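The tradeoff Steve describes, as an added illustration that is not code from this thread or from any RPKI implementation: a toy model of RPKI path validation with RFC 3779 resource containment. It shows the two halves of the point, first that the containment rule caps what a misbehaving CA can vouch for, and second that an RP which installs its own constrained local root cannot simply swap the root, because the subordinate certificates no longer fit under it and have to be re-derived down the whole path. Signatures and the RFC 3779 "inherit" marker are left out, names stand in for issuer/subject, and every prefix and AS number is constructed for the example; the re-issuing step is a simplified stand-in for whatever LTA machinery an RP would actually use to propagate its constraints.

```python
"""Toy RPKI path validation with RFC 3779 resource containment, and what an
RP has to do when it installs its own constrained local trust anchor (LTA).

Added illustration; not code from the sidr list or any RPKI implementation.
Signatures and the RFC 3779 'inherit' marker are out of scope; names stand in
for issuer/subject and all prefixes and ASNs below are made up.
"""
from dataclasses import dataclass, replace
from ipaddress import ip_network as net


@dataclass(frozen=True)
class Cert:
    name: str
    issuer: str          # issuer's name; equals name for a self-signed TA
    prefixes: frozenset  # RFC 3779 IP address blocks (IPv4Network objects)
    asns: frozenset      # RFC 3779 AS identifiers


def contained(child, parent):
    """RFC 3779 rule checked at every step of the path: each prefix of the
    child lies within some prefix of its issuer, and so do its ASNs."""
    prefixes_ok = all(any(c.subnet_of(p) for p in parent.prefixes)
                      for c in child.prefixes)
    return prefixes_ok and child.asns <= parent.asns


def validate_path(path, trust_anchor):
    """Walk TA -> ... -> EE. Returns (ok, reason)."""
    if path[0] != trust_anchor:
        return False, "path does not start at the RP's trust anchor"
    for parent, child in zip(path, path[1:]):
        if child.issuer != parent.name:
            return False, f"{child.name}: not issued by {parent.name}"
        if not contained(child, parent):
            return False, f"{child.name}: resources exceed those of {parent.name}"
    return True, "ok"


def covers(path, trust_anchor, prefix):
    """Does a valid path end in an EE cert whose resources cover `prefix`?
    (The check a ROA's prefix must pass against its EE certificate.)"""
    ok, _ = validate_path(path, trust_anchor)
    return ok and any(prefix.subnet_of(p) for p in path[-1].prefixes)


def exclude(prefixes, banned):
    """Remove `banned` from a prefix set, splitting any prefix containing it."""
    out = set()
    for p in prefixes:
        if banned.subnet_of(p):
            out.update(p.address_exclude(banned))
        elif not p.subnet_of(banned):
            out.add(p)
    return frozenset(out)


def intersect(prefixes, allowed):
    """Keep the parts of `prefixes` that fall inside `allowed`."""
    out = set()
    for c in prefixes:
        for a in allowed:
            if c.subnet_of(a):
                out.add(c)
            elif a.subnet_of(c):
                out.add(a)
    return frozenset(out)


def local_ta_view(path, banned):
    """RP makes path[0] its own root but refuses to accept `banned`.

    Returns two candidate paths: the naive one (only the root constrained)
    and the re-issued one, where every subordinate cert is re-derived under
    the same constraint, a simplified stand-in for an LTA scheme pushing the
    RP's local constraints down the hierarchy."""
    root = path[0]
    allowed = exclude(root.prefixes, banned)
    local_root = replace(root, issuer=root.name, prefixes=allowed)
    naive = [local_root] + list(path[1:])
    reissued = [local_root] + [replace(c, prefixes=intersect(c.prefixes, allowed))
                               for c in path[1:]]
    return naive, reissued


# Constructed sample hierarchy (not real allocations).
ROOT = Cert("root", "root", frozenset({net("10.0.0.0/8")}), frozenset({64496, 64497}))
RIR = Cert("rir", "root", frozenset({net("10.0.0.0/9")}), frozenset({64496, 64497}))
LIR = Cert("lir", "rir", frozenset({net("10.1.0.0/16")}), frozenset({64496}))
EE_A = Cert("ee-a", "lir", frozenset({net("10.1.1.0/24")}), frozenset({64496}))
EE_B = Cert("ee-b", "lir", frozenset({net("10.1.200.0/24")}), frozenset({64496}))
EE_X = Cert("ee-x", "lir", frozenset({net("10.2.0.0/16")}), frozenset({64496}))

if __name__ == "__main__":
    # Containment caps the damage: a misbehaving LIR cannot vouch for
    # 10.2.0.0/16 because its own certificate does not hold it.
    print(validate_path([ROOT, RIR, LIR, EE_A], ROOT))
    print(validate_path([ROOT, RIR, LIR, EE_X], ROOT))
    # RP adopts the RIR as its root but rejects 10.1.0.0/17. Swapping only the
    # root breaks the whole subtree (ee-b included, which the RP never meant
    # to reject); re-issuing down the path keeps ee-b and drops only ee-a.
    banned = net("10.1.0.0/17")
    naive, reissued = local_ta_view([RIR, LIR, EE_B], banned)
    print(validate_path(naive, naive[0]))
    print(covers(reissued, reissued[0], net("10.1.200.0/24")))
    _, reissued_a = local_ta_view([RIR, LIR, EE_A], banned)
    print(covers(reissued_a, reissued_a[0], net("10.1.1.0/24")))
```

The naive re-rooting fails at the LIR certificate, since 10.1.0.0/16 is no longer inside the constrained root's resources, so every EE under it is lost, not just the one in the banned range. Only after re-deriving each subordinate certificate under the same constraint does the RP get the view it wanted: ee-b still validates, ee-a does not. That per-certificate rework is the extra cost the 3779 extensions impose on a "pick and choose" RP.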