Karen,

This is indeed a better description.

And I believe it would be even better if Randy could describe how a "local trust anchor" takes effect on different cases.

Declan Ma

ZDNS Ltd.

> On April 4, 2015, at 2:18 AM, Karen Seo <[email protected]> wrote:
>
> Folks,
>
> Here's a better description of Case 3. (Thanks go to David Mandelberg for
> catching the problems with the previous version.)
> Case 3:
> Organization A is authorized to control the routing of traffic from a set of
> organizations (within A's administrative control) to the rest of the
> Internet. A wants to re-route traffic from these organizations that is
> destined for a set of systems outside of A's administrative control to a set
> of systems under its control, or to have that traffic dropped. A accomplishes
> this by controlling the UPDATES (for the routes to the addresses for those
> systems) that are sent to those organizations. If these organizations use the
> RPKI, A needs a way to ensure the information they obtain from the RPKI
> supports A’s traffic management goals.
>
> For example, Alice runs the network operations for a large consortium C that
> operates AS Y. Her management requests that traffic from C's members that is
> destined for a competitor's server at address Q in AS X, be re-directed to
> one of C's servers in AS Y. To do this, Alice assigns address Q to a server
> in AS Y and has AS Y originate routes for address Q. Alice has to ensure that
> the RPKI has the appropriate certificates, ROAs, etc. for these approved
> routes, as well as for the rest of the Internet.
> Karen
>
> On 3/10/15 1:38 AM, Karen Seo wrote:
>> Randy et al.,
>>
>> In hopes of restarting work on this draft, here is proposed text for section
>> 4. This is an attempt to integrate the original text with the comments to
>> the list submitted back in Feb 2014. My apologies if I've mis-understood
>> the original draft text or the comments. Does this correctly and clearly
>> describe the use cases?
>>
>> 4. Use Cases
>>
>> Case 1:
>> Organization C finds that its CA certificate has been revoked (or modified
>> to remove resources) by the RIR (or ISP) that issued it. Or, if C has
>> outsourced its CA operations, C finds that one of its children's
>> certificates has been revoked (or modified to remove resources). C disagrees
>> with this action and would like relying parties to be able to ignore, at
>> their discretion, the certificate revocation (or modification). The
>> revocation or modification could be:
>>   • unintentional, i.e., due to an error by RIR (or ISP) staff
>>   • malicious, i.e., done with the intent to cause problems, which could
>>     be aimed at C or some other entity.
>>   • mandated by a law enforcement agency in the jurisdiction where the
>>     RIR (or ISP) operates
>> For example, Carol, a RIPE resource holder (LIR, PI holder, ...), is a
>> victim of the "Dutch Court Attack." Someone has convinced a Dutch court to
>> force the RIPE/NCC to remove or modify some or all of Carol's certificates,
>> ROAs, etc. or the resources they represent. However, the operational
>> community wants to retain the ability to route to Carol's network(s).
>>
>> Case 2:
>> Organization B makes use of private address space (RFC 1918) or address
>> space allocated to another party but not globally announced by that party or
>> by B. B wants its routers to be able to use RPKI data for both internal
>> routing to these addresses and for global routing.
>>
>> Case 3:
>> Organization A is authorized to control the routing of traffic from a set of
>> organizations (within A's administrative control) to the rest of the
>> Internet. A wants traffic from these organizations that is destined for a
>> set of prefixes outside of A's administrative control to be routed to other
>> addresses, or to be dropped. A accomplishes this by controlling the UPDATEs
>> sent to those organizations. Because these organizations use the RPKI, A
>> needs a way to coordinate their use of the RPKI in support of A’s traffic
>> management goals.
>>
>> For example, Alice runs the network operations for a large consortium X. Her
>> management requests that traffic (from X's members) that is destined for a
>> competitor's site, be re-directed to a site approved by X. To do this, Alice
>> has to ensure that the RPKI has the appropriate certificates, ROAs, etc. for
>> those approved addresses as well as for the rest of the Internet.
>> Thank you,
>> Karen
>>
>> _______________________________________________
>> sidr mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/sidr
