Re: constraining RPKI Trust Anchors

[Randy Bush <randy () psg com>]

> So while each RP should be able to make policy decisions based on its
> own local criteria, managing a default set of constraints is something
> that is best done centralized. Who do you envision should manage these
> lists? RP software maintainers? RIRs? Others?

and how will this pain-to-maintain list be distributed?  how do i know
a copy is authentic not an attack?

i am all for a single root of trust.  it's just that i thought it was
the iana's job.  but i am easily confused.

randy