Hi Eric, Technical possibility does not mean that you can force it to be implemented. While there are related documents for legacy resources for example, not all the legacy resource holders not having any relationship with RIPE NCC will abide the rules. On the other hand not all RIPE NCC members seem to interested in RPKI as there is always a question on trusting, treats and local law. Personally me is against using this mechanism. Regards, Vladislav -----Original Message----- From: Erik Bais [mailto:ebais@a2b-internet.com] Sent: Monday, November 10, 2014 4:54 PM To: Potapov Vladislav; routing-wg@ripe.net Subject: RE: [routing-wg] FW: discussion about rogue database objects Hi Poty, In the RIPE region all resources are allowed to be signed for RPKI. Policy 2013-04 ( Resource Certification for non RIPE-NCC Members) - http://www.ripe.net/ripe/policies/proposals/2013-04 Status : Accepted and implemented. That allows all IP resources to be used under RPKI within the RIPE region for registered resources, if there is a contractual agreement between the resource holder : For PA : valid SSA for LIR membership For Legacy : Signed agreement as described under RIPE-605 (http://www.ripe.net/ripe/docs/ripe-605 ) explaining how to do so. Like signing the actual Terms and Condition for an LIR who has legacy space and wishes to import their Legacy space into the LIR portal for ease of administration and usage of RPKI. ( Ripe document RIPE-616 ) For PI space : Signed End-User Agreement between RIPE NCC, the Sponsoring LIR and the End-User holder of the resource. I don't know what the status is specifically for other RIR's in terms of their acceptance for RPKI for non-members. ( legacy holders or PI space ) But we (RIPE community) are ready for it from a policy point of view as far as I see it. Regards, Erik Bais -----Oorspronkelijk bericht----- Van: routing-wg-bounces@ripe.net [mailto:routing-wg-bounces@ripe.net] Namens poty@iiat.ru Verzonden: maandag 10 november 2014 14:08 Aan: routing-wg@ripe.net Onderwerp: [routing-wg] FW: discussion about rogue database objects -----Original Message----- From: routing-wg-bounces@ripe.net [mailto:routing-wg-bounces@ripe.net] On Behalf Of Ronald F. Guilmette Sent: Monday, November 10, 2014 1:56 AM To: routing-wg@ripe.net Subject: Re: [routing-wg] discussion about rogue database objects In message <545FDE27.7030702@velea.eu>, Elvis Daniel Velea <elvis@velea.eu> wrote:
*Regarding the future process:** * I do not think it will be that easy to come up with a process. RPKI may
not be available for legacy (or independent) resources in all the regions. I think this means the RIRs will first need to speed up the deployment of RPKI for all the resources in their registries... ...
Can anyone speak to this? What resources in what registries cannot currently be covered by RPKI? If the answer is "none", then there is no problem with requiring that right now, correct? ---------------- There are actually not only technical matters, but sort to say political, law, ... As about what resources currently can't be covered by RPKI - they had already been mentioned: legacy as an example. Regards, Vladislav