On Fri, Aug 10, 2012 at 7:02 AM, Terry Manderson <[email protected]> wrote:
> I'm sorry Chris, I think this concern about having to 'avoid' LEA actions is
> FUD worthy. Regardless if it occurs at the peak of the hierarchy or any level
> underneath.

<lots of words elided>

hrm, so... LEA folk figuring things out aside, which I think is a valid point (they are getting smarter, and they will just move their request to the right hinge)

1) the grandparenting idea permits a party above you in the chain to make an attestation that others would believe (presuming your current attestation times out/expires).
2) there is already support for multiple valid ROAs for the same resource (1.2.3.0/24 originated by AS1 and AS2 and AS3)
3) the actions available are:
   a) revoke cert for resource (invalidates roas and other bits along the way)
   b) issue a competing roa
4) both of the above are 'fixable' with grandparenting

I wasn't actually trying to frighten anyone, I was just pointing out that if the original intent was to permit someone above me to 'fix' me in the case of a problem in the middle layer(s), that intent could be used for 'good' or for 'bad'. I don't see that that is an incorrect point here.

I do agree with Terry that it certainly seems dangerous. I'm also not sure that even without enumerating the facts in a draft people wouldn't eventually figure this out on their own...

-chris
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
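
Added example, not part of the original message: a small RFC 6811 route origin validator showing what a relying party concludes for 1.2.3.0/24 under the numbered points above (several ROAs at once, a revoked certificate, a competing ROA, and a re-issued attestation from higher in the chain). AS64500 and the scenario names are constructed for illustration, and revocation is modelled as the affected ROAs simply disappearing with no other covering ROA present.

```python
import ipaddress
from typing import NamedTuple

class VRP(NamedTuple):
    """Validated ROA payload: (prefix, max length, origin AS) from one valid ROA."""
    prefix: str
    max_len: int
    asn: int

def validate(route_prefix, origin_asn, vrps):
    """RFC 6811 origin validation: 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp in vrps:
        net = ipaddress.ip_network(vrp.prefix)
        if route.version != net.version or not route.subnet_of(net):
            continue  # this VRP does not cover the route
        covered = True
        if route.prefixlen <= vrp.max_len and vrp.asn == origin_asn:
            return "valid"  # one matching VRP is enough
    # Covered by some VRP but matched by none is invalid; no cover is not-found.
    return "invalid" if covered else "not-found"

ROUTE = "1.2.3.0/24"   # prefix and AS1/AS2/AS3 are the ones used in the message
COMPETING_AS = 64500   # constructed value: origin named in the competing ROA

def scenarios():
    original = [VRP(ROUTE, 24, asn) for asn in (1, 2, 3)]
    competing = VRP(ROUTE, 24, COMPETING_AS)
    reissued = VRP(ROUTE, 24, 1)  # assumption: a grandparent re-attests AS1
    both = original + [competing]
    return {
        "multiple_roas": [validate(ROUTE, a, original) for a in (1, 2, 3, 4)],
        "cert_revoked": validate(ROUTE, 1, []),  # ROAs gone, nothing covers
        "competing_added": (validate(ROUTE, 1, both),
                            validate(ROUTE, COMPETING_AS, both)),
        "only_competing_left": validate(ROUTE, 1, [competing]),
        "grandparent_reissues": validate(ROUTE, 1, [competing, reissued]),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

A competing ROA on its own does not displace AS1; AS1 turns invalid only once its own ROA has expired or been revoked while the competing one still covers the prefix, and a re-issued ROA from further up the chain makes it valid again.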
