Re: "Defensive" BGP hijacking?

[Mel Beckman <mel () beckman org>]

Scott and Doug,

The problem with a new automated enforcement system is that it hobbles both agility and innovation. ISPs have enjoyed 
simple BGP management, entirely self-regulated, for decades. A global enforcement system, besides being dang hard to do 
correctly, brings the specter of government interference, since such a system could be overtaken by government entities 
to manhandle free speech. 

In my opinion, the community hasn't spent nearly enough time discussing the danger aspect. Being engineers, we focus on 
technical means, ignoring the fact that we're designing our own guillotine. 

 -mel beckman

> On Sep 14, 2016, at 12:10 AM, Scott Weeks <surfer () mauigateway com> wrote:
>
>
>
> --- dougm.work () gmail com wrote:
> From: Doug Montgomery <dougm.work () gmail com>
>
> If only there were a global system, with consistent and verifiable security
> properties, to permit address holders to declare the set of AS's authorized
> to announce their prefixes, and routers anywhere on the Internet to
> independently verify the corresponding validity of received announcements.
>
> *cough      https://www.nanog.org/meetings/abstract?id=2846     cough*
> ------------------------------------------------
>
>
> Yes, RPKI.  That's what I was waiting for.  Now we can get to
> a real discussion... ;-)
>
> scott