Hi Randy,
I did. Thank you very much.
Do you think that a notice to law enforcement about how this action would be
ineffective and counter-productive has a place in your analysis? Something
along the lines of what I suggested earlier:
Law enforcement would be ill-advised to take this cause of action as it
will degrade the trust that
operators place in the global RPKI. Not only can operators use local policy
to circumvent the "bogus"
objects - making it an ineffective measure, abuse of this power will also
lead to operators choosing
not to use RPKI at all. This in turn will mean that critical internet
infrastructure will remain
vulnerable to hijacks.
I never denied that there will be some in LEA that look at RPKI as a knob to
control routing. But rather than raising this as a given and misquoting a
different incident as legal precedence (which again it just isn't in the legal
sense - freezing contact data is a far cry from changing routing), it would be
much better if the analysis made it very clear to LEAs that this is a very bad
idea in the first place.
They really should care more about protecting critical infrastructure,
governmental, military and civil - where a lot more is to be lost in security
and economic damages if the technical community turns away from this
technology, than there is to be gained by black-holing some traffic -
ineffectively and temporarily.
And to operators it should be clear that the use of local policy or exceptions
(e.g. SLURM) can be used to easily circumvent such actions.
Tim
> On 01 Aug 2016, at 18:40, Randy Bush <[email protected]> wrote:
>
> you may, or may not, notice that the current i-d does not mention
> ripe/ncc
>
> randy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
