New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New Field: RPKI checkbox on ASN #56
Comments
On 08.09.2016 08:09, eloos wrote:
Imho yes, instead of a single 0|1 I would add a value between 0 and 1 Arnold |
the semantics of what exactly is requested in this feature request are entirely unclear to me. is the number something that should be acted upon? if yes, how? it cannot be a binary decision, might vary per region, per as-set, per interconnection. even something simple as max_prefix already has complicated semantic interpretation, we should really think this one through |
The intention of this was to signal that an ASN's originated prefixes should be fully covered by ROAs, and that filtering by ROA validity is therfore safe for that origin. The semantics are "my prefixes should be fully covered" = [true|false]. |
@benmaddison aha. But if your prefixes are fully covered, I can observe that myself in the RPKI. I don't see a point in replicating that information into PeeringDB - (where it can become stale or wrong, but above all its a cryptographically unverified statement.) |
@job agreed - I'm not entirely convinced that this is a good idea (at least not in the longer term). It does however solve an issue that AA was discussing with me: |
@benmaddison I suspect this discussion belongs either in IETF where a new ROA attribute is defined |
@job, happy with that. Either mail, or the hotel bar in DC? |
Request from Andrew Alston:
Can a checkbox be added to a net object to indicate whether its prefixes are properly validated using RPKI.
Bonus question: could we derive this info from routing registries and make it auto-update?
The text was updated successfully, but these errors were encountered: