On 2013-04-01 20:31, John Curran wrote:
Indeed, there will be some that see RPKI as a possible new approach
for such matters. The registry needs to be consistent (i.e. across
registration data, Whois publication, and RPKI publication) and we'll
certainly seek to prevent RPKI-specific actions as inconsistent with
our mission.
Speaking of inconsistencies in the RPKI, what's ARIN and the NRO's
status on getting to a single trust anchor?
Also, we have some past success dealing with non-sensical
directives, e.g. an order to reassign a single IP address from the
midst of a ISP's IP block to another party, but to the extent we get
a lawful order to change the address block registered to a party in
their jurisdiction, it's going to be fairly challenging situation.
Yeah, they were nonsensical in the past and present role of ARIN, not
in an RPKI-enabled world where revocation or transfer or inaccessibility
will have some impacted on the routability of the address block in
question.
Our best bet may be simply continuing to educate law enforcement
about
the difficulty of attempting granular actions on an IP address block
basis (as contrasted to the DNS layer);
I suspect they long ago realized RIRs have traditionally had little to
no role in this, and they reach out to ISPs where possible. Again, I'd
wager this will change, but alas, only time will tell.
from your report, it seems that they've gotten the message so far...
;-)
I doubt your messaging has impacted this, but if so, you might tell
them all the reasons it's stupid as well, and simply forces diffusion,
etc..
Actually, does ARIN have a public statement on this "message" you're
talking about - i.e., apparently why DNS takedowns are a good idea and
effective and LEOs should go that route v. contacting ISPs or hosting
providers, etc..? I'd like to pass that along to our compliance and
abuse office for inclusive in their LEO package (and selfishly,
understand the logic)?
Thanks John,
-danny
-danny
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
