Dear Denis, On Tue, Oct 16, 2018 at 01:18:21PM +0000, denis walker via routing-wg wrote:
From: denis walker via db-wg <db-wg@ripe.net> To: Job Snijders <job@instituut.net>; Nick Hilliard <nick@foobar.org> Cc: Marco Schmidt <mschmidt@ripe.net>; "db-wg@ripe.net" <db-wg@ripe.net> Sent: Tuesday, 16 October 2018, 3:57 Subject: Re: [db-wg] RIPE Policy Proposal 2018-06 Aims to Delete Conflicting Non-authorative IRR Objects
Just a couple of points. First is a technical issue with your proposal. In your Rationale you mention ¨creating out of region inetnums¨. It wasn't possible to create such objects. Only out of region aut-nums and route(6)s.
Thanks - we'll fix that in the next revision.
You talk about cleaning up garbage in the RIPE-NONAUTH IRR. The principle of cleaning up garbage is always good. But doesn't this still leave a lot of potential garbage in all the commercial IRRs where ROUTE objects can still be created without authorisation by, consent from and knowledge of the address space holder?
Yes it does *today*, however, there is good news on the horizon! A few commercial IRRs (specifically the largest two) are working to apply a similar "RPKI supersedes IRR" model in their service offering. NTT has funded the development of IRRd v4. One of the crucial featuers in the IRRd v4 series will be similar functionality to what 2018-06 proposes (with a few differences on which attachment point this operates at). See slides 11 - 18 http://www.lacnic.net/innovaportal/file/3135/1/lacnic30_snijders_routing_sec...
So should we also be promoting the RIRs authoritative IRRs over commercial IRRs so that ROUTE objects can all be created with proper authorisation?
Yes, and promote creation of RPKI ROAs Kind regards, Job