Hi, On Tue, May 10, 2011 at 11:38:46AM -0400, Martin Millnert wrote:
What I trust *the most* is for the proper holders of a resource to attest to their own resource(s) *themselves*.
So how do you determine which of the following attestations is true? "I permit 195.30.0.0/16 to be announced by AS5539" "I permit 80.81.192.0/22 to be announced by AS5539" AS5539 is my AS number, and one of those netblocks is mine, while the other one isn't. If I were trustworthy, and wouldn't make typing mistakes, you just would believe me that I'll only ever announce my netblocks - but reality shows that mis-announcements do happen, so the attestations are only useful if there is an authority that tells you that I'm indeed the holder of one of those blocks, and can do attestations about them... ... and that would be a hierarchical attestation following the allocation/assignment hierarchy. (Of course, my friends would know that I'm to be trusted, and could point a local trust anchor my way, but how would a network on the other end of the world know that?) Gert Doering -- did you enable IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279