One correction below. On Jun 5, 2012, at 12:42 PM, Daniel Massey wrote: [--snip--] > I think the first step is to step back and ask whether every operational > model needs > enumeration. For example, the talk yesterday by Level3 used the DNS and > IRR > did not need such an enumeration.
To clarify the above, the IRR _does_ provide an enumerated list of "Candidate" (IP prefix + Origin_AS) pairs. The second step is to walk through those "Candidate" pairs and ask DNSSEC, in question/answer process, to validate that the "Candidate" IRR (IP prefix, Origin_AS) pairs are authentic, or not. So, considering each step independently: the former (IRR data) is enumeration, the second is not. However, in the context of this specific operational model, the end result is an enumerated list of validated (IP Prefix, Origin_AS) pairs. -shane
