All, On Fri, 23 Oct 2015 19:51:47 +0900 Randy Bush <randy@psg.com> wrote:
On 22 Oct 2015, at 23:05, denis <ripedenis@yahoo.co.uk> wrote:
Maybe I have missed something here. But I thought Tim was very clear that his proposal is to prevent the use of this MNTNER in a "mnt-by" attribute. He also said clearly it has nothing to do with the parallel discussion on hierarchical authorisation for out of region ROUTE objects.
The current proposal just prevents the use of this maintainer on mnt-by, but it is still used to authorise the creation of the objects. This is easy to implement and just enforces current best practice without fundamentally changing the authorisation model.
Therefore we propose to do this as a quick first step
+1 (despite the wg chairs having told us to vote otherwise)
I agree. Lets do the two mnt-by changes proposed, then worry about out-of-region authentication separately.
then continue with the discussion below.
sigh
It doesn't have to be a *long* discussion. :) Certainly some things are completely non-controversial (not requiring authentication from AS number holders), right? Cheers, -- Shane