Hi,
Unfortunately you can't just set up your own RPKI, as there would be no chain of trust to a trust anchor.
Thanks, Q Director AS207960 Cyfyngedig https://as207960.net
On Thu, 11 Jun 2020 at 10:05, Quan Zhou via 44Net 44net@mailman.ampr.org wrote:
Hi,
I have a question under current situation.
If ARDC isn't doing this in a near future, under current framework, as a LOA holder, can I setup my own RPKI and sign only my lease? It looks like that in an foreseeable future it'd be increasingly difficult to peer with people without RPKI.
73 de BH1XQV
On A2020/06/11 AM3:06, Bryan Fields via 44Net wrote:
On 6/10/20 2:34 PM, Christopher Munz-Michielin via 44Net wrote:
The whole discussion around setting up an ARDC TAL was specifically to avoid becoming an ARIN member and signing an RSA.
The issue this brings up then is one of legitimacy and competency of
ARDC and
the desire to make this happen. ARDC can't figure out DNSSEC, TAL and
cert
signing is way beyond that.
RPKI is a nice to have, an additional way to secure networks, it's not
the
only way, nor should it be. It's a nice to have, but there's got to be a desire to make it happen.
73's
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net