(I appreciate the corrections, and I really was trying to not be political nor be mean to the political parts)
On Thu, Sep 8, 2016 at 1:39 PM, David Conrad <[email protected]> wrote: > Chris, > > On September 7, 2016 at 4:42:21 AM, Christopher Morrow ( > [email protected]) wrote: > > I don't disagree that running a CA is 'simple'... I think though that if > the RIRs are in a position where there won't be a single root above them > 'for a while' (it's been ~10 yrs at this point) but they feel they need to > move forward with something, is this direction acceptable? is it better to > document that decision and it's gotchas than to not move forward at all? or > to 'continue waiting for the single root' to arrive? > > For blood pressure spiking reasons, I have been trying to keep out of this > discussion, but this put me over the edge. > sorry about that, not trying to get people angry, really. > As far as I am aware, ICANN as the IANA Internet Numbering Functions > Operator, has been and continues to be willing to provide RPKI "single > root" services. In point of fact, ages ago, I personally authorized > non-trivial expenditures (including hiring staff) to set up and deploy a > working RPKI root pilot to allow the RIRs to test working with a single > root as directed by the IAB in https://www.iab.org/documents/ > correspondence-reports-documents/docs2010/iab-statement-on-the-rpki/: > > "Thus, the IAB strongly recommends a single root aligned with the root of > the address allocation hierarchy (now part of the IANA function). " > After said testbed deployment, I was informed that none of the RIRs were > interested in participating in the tests. > > doh! ok, so some mixed signals, that sucks. and makes this confusing and hard to fix... going forward though, what's the path? "get rir and iana/icann to agree that this is important, set a schedule for deployment, profit?" > I will admit a high level of amazement and not a small amount of > disappointment at the fascinating level of complexity being created in > order to avoid a single root. > > This is not technical. > > ok, so we're back to: "I hear what you are saying, we (community) really need 'single root' please go make that happen." it seems to me. -chris
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
