draft-ietf-grow-irr-routing-policy-considerations-04.txt   draft-ietf-grow-irr-routing-policy-considerations-05.txt 
GROW Working Group D. McPherson GROW Working Group D. McPherson
Internet-Draft Verisign, Inc. Internet-Draft Verisign, Inc.
Intended status: Informational S. Amante Intended status: Informational S. Amante
Expires: February 27, 2015 Level 3 Communications Expires: February 28, 2015 Level 3 Communications
E. Osterweil E. Osterweil
Verisign, Inc. Verisign, Inc.
L. Blunk L. Blunk
Merit Network, Inc. Merit Network, Inc.
D. Mitchell D. Mitchell
Twitter, Inc. Twitter, Inc.
August 26, 2014 August 27, 2014
IRR & Routing Policy Configuration Considerations IRR & Routing Policy Configuration Considerations
<draft-ietf-grow-irr-routing-policy-considerations-04> <draft-ietf-grow-irr-routing-policy-considerations-05>
Abstract Abstract
The purpose of this document is to catalog past issues influencing The purpose of this document is to catalog past issues influencing
the efficacy of Internet Routing Registries (IRR) for inter-domain the efficacy of Internet Routing Registries (IRR) for inter-domain
routing policy specification and application in the global routing routing policy specification and application in the global routing
system over the past two decades. Additionally, it provides a system over the past two decades. Additionally, it provides a
discussion regarding which of these issues are still problematic in discussion regarding which of these issues are still problematic in
practice, and which are simply artifacts that are no longer practice, and which are simply artifacts that are no longer
applicable but continue to stifle inter-provider policy-based applicable but continue to stifle inter-provider policy-based
skipping to change at page 1, line 44 skipping to change at page 1, line 44
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 27, 2015. This Internet-Draft will expire on February 28, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 5, line 29 skipping to change at page 5, line 29
4.1. Lack of Resource Certification 4.1. Lack of Resource Certification
Internet number resources include IPv4 addresses, IPv6 addresses, Internet number resources include IPv4 addresses, IPv6 addresses,
Autonomous System Numbers (ASNs), and more. While these resources Autonomous System Numbers (ASNs), and more. While these resources
are generally allocated by hierarchical authorities, a general are generally allocated by hierarchical authorities, a general
mechanism for formally verifying (such as through cryptographic mechanism for formally verifying (such as through cryptographic
mechanisms) when parties have been allocated resource remains an open mechanisms) when parties have been allocated resource remains an open
challenge. We generally define such a system a Resource challenge. We generally define such a system a Resource
Certification System, and we note that some candidate examples of how Certification System, and we note that some candidate examples of how
such a general system might be implemented and deployed exist such a general system might be implemented and deployed exist
[RC_HotNetsX], [RFC6480]. [TASRS], [RC_HotNetsX], [RFC6480].
One of the largest weaknesses often cited with the IRR system is that One of the largest weaknesses often cited with the IRR system is that
the data contained within the IRRs is out of date or lacks integrity. the data contained within the IRRs is out of date or lacks integrity.
This is largely attributable to the fact that existing IRR mechanisms This is largely attributable to the fact that existing IRR mechanisms
do not provide ways for a relying party to (cryptographically) verify do not provide ways for a relying party to (cryptographically) verify
the validity of an IRR object. That is, there has never existed a the validity of an IRR object. That is, there has never existed a
resource certification infrastructure that enables a resource holder resource certification infrastructure that enables a resource holder
to authorize a particular autonomous system to originate network to authorize a particular autonomous system to originate network
layer reachability advertisements for a given IPv4 or IPv6 prefix. layer reachability advertisements for a given IPv4 or IPv6 prefix.
It should be noted that this is not a weakness of the underlying It should be noted that this is not a weakness of the underlying
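Review bot: The sentence in section 4.1 that gains the [TASRS] citation still has two grammar slips that could be fixed in the same pass. "when parties have been allocated resource" should read "allocated resources" (or "a resource"), and "We generally define such a system a Resource Certification System" is missing "as" after "system". Both revisions carry this wording unchanged, so it will otherwise persist into the next version.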
skipping to change at page 18, line 5 skipping to change at page 17, line 50
Policies and Procedures", Foundation Policies and Procedures", Foundation
Policy http://www.ripe.net/ripe/docs/ripe-452. Policy http://www.ripe.net/ripe/docs/ripe-452.
[RPKI_SIZING] [RPKI_SIZING]
Osterweil, E., Manderson, T., White, R., and D. McPherson, Osterweil, E., Manderson, T., White, R., and D. McPherson,
"Sizing Estimates for a Fully Deployed RPKI", Verisign "Sizing Estimates for a Fully Deployed RPKI", Verisign
Labs Technical Report 1120005 version 2 http:// Labs Technical Report 1120005 version 2 http://
techreports.verisignlabs.com/ techreports.verisignlabs.com/
tr-lookup.cgi?trid=1120005&rev=2. tr-lookup.cgi?trid=1120005&rev=2.
[TASRS] Osterweil, E., Amante, S., and D. McPherson, "TASRS:
Towards a Secure Routing System Through Internet Number
Resource Certification", Verisign Labs Technical Report
1130009 http://techreports.verisignlabs.com /tr-
lookup.cgi?trid=1130009&rev=1.
Authors' Addresses Authors' Addresses
Danny McPherson Danny McPherson
Verisign, Inc. Verisign, Inc.
Email: dmcpherson@verisign.com Email: dmcpherson@verisign.com
Shane Amante Shane Amante
Level 3 Communications Level 3 Communications
1025 Eldorado Blvd 1025 Eldorado Blvd
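Review bot: The URL in the new [TASRS] reference entry is broken across the line wrap as "http://techreports.verisignlabs.com /tr-" followed by "lookup.cgi?trid=1130009&rev=1.". This leaves a space before the path and splits "tr-lookup.cgi" at its hyphen, so a reader cannot tell whether the space or the hyphen belongs to the URL. Wrap it the way the [RPKI_SIZING] entry just above does, with the break after the host's trailing slash and "tr-lookup.cgi?..." kept whole on the next line. The period that ends the entry also sits directly against the query string in both entries, so enclosing the URL in angle brackets would keep it from being copied as part of the link.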
 End of changes. 6 change blocks. 
5 lines changed or deleted 11 lines changed or added
