Hi Malcolm,
You make it sound like I agreed to single-handedly solve the problem in all its various aspects.
Not so.
Certainly not single-handedly, but I though you would take the initiative and gather input from experts.
[...]
However, if the design of this is in the hands of the IETF not RIPE, then I have to ask whether there any point in us designing an alternative?
If the alternative fits in the framework that the IETF has designed: yes
Or is the only decision for this WG a simple YES/NO on whether the community wants RIPE NCC to implement the IETF work?
If the latter, what I have already said is probably sufficient.
I must confess my ignorance on the scope available to us, and ask for your guidance.
I think the current scope should be: can we find a way that satisfies your concerns while staying within the RPKI framework that the IETF has designed. Once we have the answer to that question we can look at the next step.
In any case, my own core relevant expertise lies in correcting some of the misinformation propagated here about "black helicopters" and so forth, by providing concrete information on public policy developments in progress, and filling in the information gap left by the RIPE NCC's legal advice, which disclaims advising upon the likelihood and likely consequences of future changes in the law (I'm not criticising the lawyer for leaving this gap: that area is essentially Public Affairs advice not legal advice).
I don't think this is the place for discussions about possible future law changes. *anything* can be changed in the law, and the usual way to influence that is through voting. We deal with the current situation, and if the landscape changes we can always start a new policy proposal.
I suggest that this is important input to this WG's decision as to whether it believes 2008-08 (or any successor proposal) is in fact useful, i.e. whether it is likely to do more good than harm.
I was just thinking: are these problems really about the RIPE NCC providing certification services for the resources they hand out, or is this about big router vendors implementing route-origin-code in their OS? I mean: that is the part that actually influences routing, and the data used there can come from RPKI but also from other sources. You seem to be concerned that governments can force ISPs to use RIPE NCC issued ROAs for this, and then force the RIPE NCC to revoke/reissue ROAs. Why would governments take this legally difficult path and not just force ISPs to use government-supplied data as input for their routers? The more I think about it the more I feel that governments have *many* easier ways to influence routing than the ways you are worried about... Sander