Re: Reaching out to ARIN members about their RPKI INVALID prefixes

[Owen DeLong <owen () delong com>]

Personally, since all RPKI accomplishes is providing a cryptographically signed notation of origin ASNs that hijackers 
should prepend to their announcements in order to create an aura of credibility, I think we should stop throwing 
resources down this rathole.

Owen


> On Sep 18, 2018, at 4:56 AM, nusenu <nusenu-lists () riseup net> wrote:
>
> Dear NANOG,
>
> when I approached ARIN about how they feel about reaching out to their members about
> prefixes that are unreachable in a route origin validation (ROV) environment,
> John Curran (CEO ARIN) referred me to you (see email bellow - quoted with permission).
>
> The question I asked ARIN was specifically:
> > Would you be open to reach out to your affected members to inform them about
> > their affected IP prefixes?
>
> John Curran (CEO ARIN) wrote:
> > If there is evidence of community
> > Interest, then ARIN can conduct a community consultation to determine
> > our best role in this area, but you first should encourage discussion
> > within the network operator community at appropriate forums.
>
> So here is my question to the network operator community in the ARIN region to
> gather if there are any (dis)agreements/opinions about such a notification by ARIN:
>
> What do you think about the idea that ARIN actively informs their affected members
> about prefixes that are unreachable in an RPKI ROV environment?
>
> The goal of that outreach/notification would be 
> - to reduce the number of broken legacy ROAs from the past
> - reduce the negative impact on reachability of affected members.
>
> looking forward to receiving your feedback!
>
> kind regards,
> nusenu
>
>
>
>
> [1] https://medium.com/@nusenu/towards-cleaning-up-rpki-invalids-d69b03ab8a8c
>
> John Curran wrote:
> > Subject: Reaching out to ARIN members about their RPKI INVALID prefixes
> >
> > Nusenu -
> >
> > Thank you for writing us - the project (and Medium post on same) are
> > quite interesting.
> >
> > I think you’ve got several options for pursuing your objectives,
> > including –
> >
> > 1) Reaching out to parties that already track and report on Internet
> > routing hygiene (e.g. Geoff Huston at http://bgp.potaroo.net, the
> > RPKI validator team at RIPE, the NIST RPKI Deployment monitor -
> > https://rpki-monitor.antd.nist.gov) to see if of them would like to
> > report on this information and/or contact those with invalids)
> >
> > 2) Raising the issue in the ARIN region via the NANOG operator forum
> > - this would make an excellent lightening talk for you (or someone
> > else familiar with it already attending) to speak about at the
> > upcoming NANOG Vancouver meeting.  If there is evidence of community
> > Interest, then ARIN can conduct a community consultation to determine
> > our best role in this area, but you first should encourage discussion
> > within the network operator community at appropriate forums.  It is
> > not appropriate for ARIN staff to be proposing this additional role
> > for the organization, as we within the ARIN staff follow community
> > direction rather than set it.
> >
> > Thanks! /John
> >
> > John Curran President and CEO ARIN
>
>
>
> -- 
> https://twitter.com/nusenu_
> https://mastodon.social/@nusenu