On Thu, Aug 30, 2012 at 3:23 PM, Christopher Morrow <[email protected] > wrote:
> On Thu, Aug 30, 2012 at 2:30 PM, Brian Dickson > <[email protected]> wrote: > > (2) If INRs are meant to be exclusive, why does the RPKI not enforce that > > exclusivity? > > more than one origin ASN may be valid for a single prefix? > In the same paragraph you snip-quoted, was the following: (Note here - the presumption is not uniqueness by ASN, but uniqueness by organization controlling ROA assignment, where that single org could/would issue ROAs for multiple ASNs.) Same org == same CA. So, does it not make sense that the RPKI, meaning its design, architecture, procedures, etc., should actually enforce exclulsivity? This is pretty fundamental to the number resource tree, and to routing validation. If this is a design flaw in the RPKI, I think it is one that needs to be addressed. Since origin validation is dependent on the RPKI and its validation rules, it's kind of "square one" for all things SIDR. Brian
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
