On 2013-03-20 09:15, Richard Barnes wrote:
One other thing to note is that manipulation is indistinguishable
from legitimate revocation, at a technical level. So the only
solution here is at the human layer, for RPKI relying party software
to have operator overrides. Randy stated this better than I at a
RIPE
meeting many moons ago -- with the RPKI, we're automatically handling
a common error (hijacks and fat-fingers) at the expense of having to
deal manually with an uncommon error (manipulation).
Yeh, I understand. I'm saying as an operator this continues to concern
me. Just a datapoint for the WG. Take it or leave it..
-danny
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
