Sascha, On Jun 1, 2011, at 11:11 AM, Sascha Luck wrote:
On Wed, Jun 01, 2011 at 12:02:25PM +0300, Randy Bush wrote:
anybody can play with announcements, with potentially global impact.
s/can/does/. happens daily. though almost all are accidents.
So, a few accidents with rarely any noticeable impact (At least I don't notice any major connectivity issues every day)
This could either mean your prefix isn't getting hijacked (others are) or the hijacking is being done in such a way that you don't notice. It doesn't mean that hijacking doesn't occur and isn't a significant problem. RPKI provides an infrastructure that would allow for tools to be built that could address this problem.
Yet, also daily, I read about an attempt by $someone to censor, cut off or otherwise regulate somebody else's internet access.
Not sure about daily, but yes, this is a problem. I have absolutely no doubt that if a tool exists that allows politicians to claim they're doing something to solve "a problem", they'll use it.
You have to excuse me for not quite believing that this attempt to impose a centralised structure upon internet routing has anything to do with preventing someone from fat-fingering a prefix advertisement...
It really does have something to do with preventing fat-fingering (or perhaps more accurately, reduces the impact of that fat-fingering). The main arguments I've heard (some cynical, some not) for RPKI have been: - allow for SIDR deployment - allow for the RIRs to enforce their policies - allow for the RIRs to have a viable business model after IPv4 is exhausted - allow the existing address hierarchy model to be enforced (disallow 'alternative address registries') Other folks might have heard other arguments. Regards, -drc