On 9-Jul-2007, at 16:13, Jared Mauch wrote:
Some have automated systems, but they're dependent on IRR data
being correct. There are even tools to automate population of IRR
data.
Building customer filters from the IRR seems like it should fall in
the "easy" bucket, given how long people have been doing it, and for
how long. It's the lack of a way to trust the data that's published
in the IRR that always seems to be the stumbling block.
Various ops-aware people have been attacking the correctness issue in
the SIDR working group. The work seems fairly well-cooked to me, and
I seem to think that Geoff Huston has wrapped some proof-of-concept
tools around the crypto.
SIDR is only of any widespread use if it is coupled with policy/
procedures at the RIRs to provide certificates for resources that are
assigned/allocated. However, this seems like less of a hurdle than
you'd think when you look at how many RIR staff are involved in
working on it.
So, if you consider some future world where there are suitably
machine-readable repositories of number resources (e.g. IRRs) are
combined with machine-verifiable certificates affirming a customer's
right to use them, how far out of the woods are we? Or are we going
to find out that the real problem is some fundamental unwillingness
to automate this stuff, or something else?
Joe
