In recent mail threads the concepts of "Hosted RPKI" and "Delegated RPKI" came up, but as mentioned by Tim and Rubens, another flavor also exists! A "hybrid" between Delegated and Hosted, informally known as "publish in parent" (aka RFC 8181 compliant Publication Services).
There are multiple benefits to the general RPKI ecosystem when RIRs and NIRs support RFC 8181:
* Resource Holders are relieved from the responsibility to operate always online RSYNC and RRDP servers.
* Reducing the number of Publication servers reduces overall resource consumption for Relying Parties. Consolidation of Publication Servers improves efficiency and is generally considered advantageous.
* Helps avoid "reinventing the wheel": it might be better to have a small group of experts build a globally performant and resillient infrastructure that serves everyone, rather than everyone building the 'same' infrastructure.
Other RIRs and NIRs are also working on RFC 8181 support. RFC 8181 is relatively new so it'll take some time before we see universal availability.
NIC.BR (available): https://registro.br/tecnologia/numeracao/rpki/ APNIC (available): https://blog.apnic.net/2020/11/20/apnic-now-supports-rfc-aligned-publish-in-... ARIN (planned): https://www.arin.net/participate/community/acsp/suggestions/2020/2020-1/
Is implementing RFC 8181 support something RIPE NCC should add to the https://www.ripe.net/manage-ips-and-asns/resource-management/rpki/rpki-plann... ?
What do others think?
i think it is a bit premature for the EC to make such a suggestion without consultation. randy --- randy@psg.com `gpg --locate-external-keys --auto-key-locate wkd randy@psg.com` signatures are back, thanks to dmarc header butchery