Hi
On 23 Dec 2019, at 11:39, Randy Bush <randy@psg.com> wrote:
erik,
Personally, I'm not in favour of this policy as I don't like the NCC to start to injecting ROA's that are not allocated or assigned to members or end-users.
I think it sets the wrong precedence for the community and it could open up for scope creep to abuse the system for other usage. So on that regards, I wouldn't mind if the proposal would be dropped.
first, as $subject says, if anywhere, this should be in the routing wg. let us resist the inclination to make what was the anti spam wg the net police, judge, and jury.
on the proposal itself, i am of two minds. while i see negligible initial harm, it's not clear it will do a lot of good. and i see your point about the slippery slope of mission creep.
i do find it amusing that it uses the singular case where an ROV origin can not be 'usefully' forged. i.e. the attacker can not postpend AS 0 and have it accepted. but this cute factor still does not sell the proposal to me.
I agree with the above. Further, as Alexander Azimov pointed out: people can just announce a *less* specific, which will be "Not Found" even if an AS0 ROA exists for more specific. And because there is no competing (valid/not found) announcement they will attract the traffic. So, it seems that these AS0 ROAs will not be very effective. Tim