Re: [sig-policy] Comments on prop-059-v001: Using the Resource Public Ke
have a better understanding.
It's a little long, but I hope someone on the list can help us on these
questions.
+ It seems that two elements are proposed at the same time, so it may be
easier to make further discussions if we seperate the issues and discuss
each
1. Use of RPKI data in IRR
2. Providing overlay publication point
+ There could be cases where prefix that operator wishes to register in
IRR is different from RPKI data. How would it help in routing for such
cases?
+ How can we confirm that ROA is based on authentic RPKI? Could we
really not change the route object at all? How would it work in that case?
(We need some method to validate RPKI data registered in IRR. However,
if we do it from scratch, that will be the same as reviewing ROA. If
there are no changes in RPSL, then, we cannot validate RPKI data)
+ what are we trying to achieve by strengthening security by overlay
publication point? ie., trying to make the system work even if APNIC's
IRR fails, for example?
(just trying to understand the intention)
thanks,
izumi