Re: rpki vs. secure dns?

[Alex Band <alexb () ripe net>]

On 29 Apr 2012, at 22:03, David Conrad wrote:

> Alex,
>
> On Apr 29, 2012, at 8:16 AM, Alex Band wrote:
> > All in all, for an RPKI-specific court order to be effective in taking a network offline, the RIR would have to 
> > tamper with the registry, inject false data and try to make sure it's not detected so nobody applies a local 
> > override.
>
> I suspect the court order would simply say something like 'RIPE-NCC must, upon pain of contempt of court, take 
> sufficient steps to invalidate the allocations made to customer X' and leave it up to you all to figure out how to do 
> it. I doubt they'd care all that much about implementation details. Are you saying it is not possible for RIPE-NCC 
> staff to do this? I also doubt the court would care too much about 'local override' as the "Tyranny of Defaults" 
> would be sufficient for their needs (and they could probably sanction the folks in the Netherlands who they 
> discovered did the override).
>
> As Randy points out, this is not unique to SIDR-defined RPKI.  It is applicable to any top-down hierarchical 
> authorization mechanism.  Security has (non-monetary) costs.

Thanks David, I know that a court order doesn't have to specific. I just want to make people aware that in the case of 
RPKI, things are not as clear cut as "Revoked ROA = Offline network". It depends on many factors and I just want to 
offer a little perspective of what's involved.

-Alex

(P.S. I'm going on holiday for a week without internet access, so I won't be able to follow up on this thread for a 
while)

Attachment: smime.p7s
Description: