Although I support Rpki as a technology, there are legitimate concerns that it could be abused. I now believe that Rpki needs work in this area at IETF level so the concerns are adressed.
I imagine some form of secret sharing among different parties or sme form of key escrow. I am sure that it is not an easy problem, but maybe some progress can be made in this direction. Regards Carlos On Feb 1, 2011, at 7:33 PM, Michael Hallgren <m.hallg...@free.fr> wrote: > Le mardi 01 février 2011 à 12:14 -0500, Christopher Morrow a écrit : >> On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert <milln...@gmail.com> wrote: >>> Here be dragons, >> <snip> >>> It should be fairly obvious, by most recently what's going on in >>> Egypt, why allowing a government to control the Internet is a Really >>> Bad Idea. >>> >> >> how is the egypt thing related to rPKI? >> How is the propsed rPKI work related to gov't control? >> >>> architecturally/technologically *impossible* for a entity from country >>> A to via-the-hierarchical-trust-model block a prefix assigned to some >>> entity in country B, that is assigned by B's RIR and in full >>> accordance with the RIR policies and in no breach of any contract. >> >> countries do not have RIR's, countries have NIR's... regions have RIR's. > > In this context, at least, perhaps the NIR should be considered > superfluous or redundant? What is the operational rationale behind the > NIR level? Wouldn't a flatter RIR-LIR structure do just fine? > > mh > >> > >
