Re: Why are paper LOAs still used?

[Carlos Friaças via NANOG <nanog () nanog org>]

Hi All,

There is this blogpost from the FIRST netsec-sig group, about this topic, 
available at 
https://www.first.org/blog/20231222-Is-the-LoA-DoA-for-Routing


I totally agree with Christopher. The above blogpost ends with (for those 
who don't like to follow links):

"With the current level of RPKI adoption, now is time to adopt it as the 
best current practice, to discontinue the usage of LOAs for authorization 
of routing, and to instead rely on ROV, ROAs, and the cryptographic trust 
we all can obtain from them!"


Best Regards,
Carlos


On Tue, 27 Feb 2024, Christopher Hawker wrote:

> Hi Seth,
>
> LOAs can't be considered more trustworthy than IRR objects. The RIRs operate IRRdb services as part of the services 
> they offer which
> network operators should be using instead of the free and paid non-authoritative IRRdb operators.
>
> If you don?t mind, could you please reach out to me off-list with who the VPS hosting provider is that is only 
> accepting LOAs? I?d like to
> reach out to them to discuss their decision.
>
> I?m doing a talk at APRICOT 2024 on using ROAs to replace LOAs. In my view there's no reason why network operators 
> cannot use ROAs instead
> to validate the routes received from their peers, be they upstream or downstream.
>
> Regards,
> Christopher Hawker
>
>
> Sent from my iPhone
>
>       On 27 Feb 2024, at 1:57?am, Seth Mattinen via NANOG <nanog () nanog org> wrote:
>
>       Why do companies still insist on, or deploy new systems that rely on paper LOA for IP and ASN resources? How can 
> this be
>       considered more trustworthy than RIR based IRR records?
>
>       And I'm not even talking about old companies, I have a situation right now where a VPS provider I'm using will no 
> longer use
>       IRR and only accepts new paper LOAs. In the year 2024. I don't understand how anyone can go backwards like that.
>
>       ~Seth