I just want to point out that I was on a different train. Discussing the supposition that query&cache archs behave differently than batch pull archs in either startup or steady state performance. I was not commenting on the whole trust/business model discussion.
I was replying to Eric's suggestion that DNS-like systems are an example of the on-demand architectural choice.

On 12/6/12 10:03 PM, "Eric Osterweil" <[email protected]> wrote:

<snip>
>
>I was hoping we could all see from my quoted text above that this latest
>discussion is about the _architectural_ difference between the on-demand
>soft-state DNS system, and the prefetching replicated state machine of
>RPKI. These two are fundamentally very different architectural models.
>Your comments about boot states are interesting, but somewhat off topic
>to this post, imho.

Those two choices seem moot from a back of the envelope performance / behavior perspective (although I would like to run some tests on a 500K query of a signed reverse DNS ... I don't expect my estimates to get better) ...

With either you had better engineer well with redundant "gatherers/resolvers", that don't fate share infrastructure, etc ...

Otherwise the hour glass is going to spin for a long time when a DFZ router tries to validate its RIBs.

Now I return you to your trust/business model discussion ...

Dougm

On 12/7/12 12:34 AM, "Christopher Morrow" <[email protected]> wrote:

>On Thu, Dec 6, 2012 at 11:20 PM, Montgomery, Douglas <[email protected]>
>wrote:
>> I was talking about when the systems designed to support the distribution
>> of authorization information (e.g., RP/RPKI or some DNS based system?)
>> were in steady state ... I.e., they have booted up and done their initial
>> data loads.
>
>somewhere along the train my comment about dns got moved to 'just like
>dnssec' (which I was intentionally not referring to, maybe I should
>have used email as an example instead). Then in this part of the
>messages I think my DNS comment got moved into 'if you distribute the
>rpki data via dns instead of up/down/left/right/a-b/a-b... the
>repository -> cache protocol'. I didn't mean it in that sense either
>:(
>
>I think somewhere 5-8 messages back Arturo's note that:
>  1) hosted model is just a crutch
>  2) hosted model isn't intended for everyone to use
>  3) most large ISP or large operations groups are expected to run their
>     own CA
>
>coupled with eric's notes that:
>  1) hosted seems fragile for lots of operations
>  2) people should think long and hard about using the hosted model of
>     controlling their own fate
>
>gets the general gist of my point: "If you use the hosted model you
>are equivalently outsourcing your Mail/SMTP infrastructure to another
>person, be sure you want to do that..."
>
>apologies for the confusing example :(
>-chris

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
