Tim,
That's a fair point. Are you suggesting that we create a separate doc to
enumerate
vulnerabilities in the IRR context, or that we add a section to this doc
to describe,
in less detail, such vulnerabilities?
Steve
Dear working group,
I support adopting this work. I believe it's useful to think about what can go
wrong. I am happy to see that this document (1) focusses on adverse actions
irrespective of intentional or accidental cause, and (2) does not suggest a
solution.
I do have one remaining concern, but I hope that this can be addressed: this
document can be perceived as proof of 'all the things wrong / scary' about RPKI
used for origin validation and/or BGPSec. However, to my knowledge, there is no
similar analysis of adverse actions to IRRs. Most of the same problems exist
there - and far worse: RPs do not have the benefit of object security so they
would be largely unaware. I think it would be counterproductive if this wasn't
clear, and the document is abused to make a point for being better of with
simple IRR.
Regards
Tim
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
