Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

[Alex Band <alexb () ripe net>]

On 1 Feb 2011, at 22:20, Owen DeLong wrote:

> On Feb 1, 2011, at 9:14 AM, Christopher Morrow wrote:
>
> > On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert <millnert () gmail com> wrote:
> > > Here be dragons,
> > <snip>
> > > It should be fairly obvious, by most recently what's going on in
> > > Egypt, why allowing a government to control the Internet is a Really
> > > Bad Idea.
> >
> > how is the egypt thing related to rPKI?
> > How is the propsed rPKI work related to gov't control?
> RPKI is a big knob governments might be tempted to turn.

Of course we looked into this, cause we're running our service from Amsterdam, the Netherlands. The possibilities for 
law enforcement agencies to take measures against the Resource Certification service run by the RIPE NCC are extremely 
limited. Under Dutch law, the process of certification, as well as resource certificates themselves, do not qualify as 
goods that are capable of being confiscated.

Then of course, the decision making process always lies in the hands of the network operator. Only if a government 
would mandate an ISP to respect an invalid ROA and drop the route, it would be effective. 

So *both* these things would have to happen before there is an operational issue. Like you've seen in Egypt, pulling 
the plug is easier...

YMMV on your side of the pond.

Alex Band
Product Manager, RIPE NCC

Attachment: smime.p7s
Description: