nanog mailing list archives
Re: Reaching out to ARIN members about their RPKI INVALID prefixes
From: nusenu <nusenu-lists () riseup net>
Date: Tue, 18 Sep 2018 20:33:00 +0000
Christopher Morrow wrote:
Perhaps this was answered elsewhere, but: "Why is this something ARIN (the org) should take on?"
Thanks for this question, I believe this is an important one. I reasoned about why I think RIRs are in a good position to send these emails here: [1] but I will quote from it for convenience:
Notifying affected IP Holders The natural next step (and that was our initial intention when looking at INVALIDs) would be to send out emails to affected IP holders and ask them to address the INVALIDs but although that could be automated, we believe the impact would be better, if that email came from some trusted entity like the RIR relevant to the affected IP holder instead of a random entity they never had any contact before (us). Asking RIRs to reach out to their members also scales better since every RIR would only have to take care of their own members.
[...] [1] https://medium.com/@nusenu/towards-cleaning-up-rpki-invalids-d69b03ab8a8c
Why can't (or why isn't) this something that 'many' monitoring/alerting companies/orgs are offering?
There are companies offering BGP monitoring including RPKI ROAs, but the affected IP holders are unlikely customers of those monitoring services or generally aware of the problem.
it's unclear, to me, why ARIN is in any better position than any other party to perform this sort of activity? I would expect that, at the base level, "I just got random/unexpected email from ARIN?" will get dropped in the spam-can, while: "My monitoring company to which I signed up/contracted emailed into my ticket-system for action.. better go do something!" is the path to incentivize.
The problem is how do you make operators aware of the problem in the first place.
The question I asked ARIN was specifically:Would you be open to reach out to your affected members to inform them about their affected IP prefixes?'how?' (email to the tech-contact? etc? did they sign up for said monitoring and point to the right destination email catcher?)
Yes that is what I had in mind (notification via email to the tech contact). kind regards, nusenu -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes, (continued)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 19)
- RE: Reaching out to ARIN members about their RPKI INVALID prefixes Phil Lavin (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Alex Band (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Owen DeLong (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Owen DeLong (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes John Curran (Sep 19)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Owen DeLong (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes nusenu (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Christopher Morrow (Sep 18)
- Re: Reaching out to ARIN members about their RPKI INVALID prefixes Mark Milhollan (Sep 20)