nanog mailing list archives
Re: constraining RPKI Trust Anchors
From: Randy Bush <randy () psg com>
Date: Wed, 11 Oct 2023 15:26:44 -0700
So while each RP should be able to make policy decisions based on its own local criteria, managing a default set of constraints is something that is best done centralized. Who do you envision should manage these lists? RP software maintainers? RIRs? Others?
and how will this pain-to-maintain list be distributed? how do i know a copy is authentic not an attack? i am all for a single root of trust. it's just that i thought it was the iana's job. but i am easily confused. randy
Current thread:
- Re: constraining RPKI Trust Anchors Martin Pels (Oct 11)
- Re: constraining RPKI Trust Anchors Delong.com via NANOG (Oct 11)
- Re: constraining RPKI Trust Anchors Job Snijders via NANOG (Oct 11)
- Re: constraining RPKI Trust Anchors Randy Bush (Oct 11)
- Re: constraining RPKI Trust Anchors Joelja Bogus (Oct 12)