<div dir="ltr"><div class="gmail_default" style="font-family:monospace,monospace">Dear all:<br><br>From my point of view it is not the fault of the RIR if end users generate """invalid""" ROAs.<br><br>Furthermore, I am totally against the idea of the RIR executing alteration tasks of the resources created *voluntarily* by its members when this information does not present any risk to the rest of the community.<br><br>It seems to me correct that these anomalies are reported in this and other lists of a technical nature, since that is one of their main objectives, but please maintain mutual respect and good manners.<br><br>A warm greeting to all and thanks for the good work<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Aug 19, 2021 at 11:34 AM Ronald F. Guilmette <<a href="mailto:rfg@tristatelogic.com">rfg@tristatelogic.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">In message <CAJBrruiDNGXLGLrS+=PuqKyq8z7vB1m5oa5edshEB=<a href="mailto:G1cRcg7Q@mail.gmail.com" target="_blank">G1cRcg7Q@mail.gmail.com</a>>, <br>
Roque Gagliano <<a href="mailto:rgaglian@gmail.com" target="_blank">rgaglian@gmail.com</a>> wrote:<br>
<br>
>If you really want to change how the ROAs work, please go ahead and submit<br>
>an IETF draft and follow the process. All your points were discussed a lot<br>
>during the design process.<br>
<br>
I'm sorry. It seems that I failed to make myself clear.<br>
<br>
I have no interest whatsoever in making *any* changes at all to the existing<br>
RPKI system *or* to any of its associated ROAs, either currently existing<br>
ones or future ones. I have not proposed that, I have not suggested that,<br>
I have not even vaguely insinuated that, and indeed I would be opposed to that,<br>
absent the kind of formal IETF process that you mentioned.<br>
<br>
No I have spoken only of the "old world" of RIR IRRs... the old system under<br>
which the five Regional Internet Registries publish *non-cryptographic* route<br>
objects themselves, via their respective Internet Route Registries. (I thought<br>
that I had made this clear, but apparently not. In any case, I hope that I have<br>
made it clear now.)<br>
<br>
It's just the old RIR IRRs that concern me. It has always been my default<br>
assumption that the new world of RPKI ROAs can and will take care of itself.<br>
<br>
With respect to the RIR IRRs... which are, in general, older than RPKI, except<br>
in the case of LACNIC, it seems... those old IRRs contain or have contained a<br>
lot of what I would call "long abandoned bogon garbage". That's the only stuff<br>
that concerns me.<br>
<br>
Unfortunately, someone at some time within LACNIC made the decision to import<br>
the entire universe of LACNIC RPKI ROAs, blindly, and en mass, into the old<br>
style LACNIC IRR -without- first filtering out what I call the "bogon garbage".<br>
<br>
As I have previously said, I think that this could be easily rectified by LACNIC<br>
staff, and *without* just ignoring all of the thousands or tens of thousands<br>
of perfectly legitimate RKPI ROAs. Those could all and should all still be<br>
imported on a route basis into the lACNIC IRR. I have no problems with that,<br>
and in fact I think it would be Good if this continued to happen. The routes<br>
that involve bogon AS numbers are a different matter however. Those should not<br>
have old-style route objects auto-generated for them which are then placed into<br>
the LACNIC IRR.<br>
<br>
I'm sure that some people (Job?) may say "Well, just don't worry about it! Bogon<br>
route objects within the IRRs of the various RIR are not actually Bad and are<br>
not really a problem." but I don't think such a claim will stand up to careful<br>
scrutiny. If bogon route objects within RIR IRRs are not "Bad" or at least<br>
undesirable, when why is it the case that all four of the other Regional<br>
Internet Registries (ARIN, RIPE, APNIC, AFRINIC) have already taken steps to<br>
remove some or all of -their- bogon route objects from -their- respective IRRs?<br>
<br>
<br>
Regards,<br>
rfg<br>
_______________________________________________<br>
LACNOG mailing list<br>
<a href="mailto:LACNOG@lacnic.net" target="_blank">LACNOG@lacnic.net</a><br>
<a href="https://mail.lacnic.net/mailman/listinfo/lacnog" rel="noreferrer" target="_blank">https://mail.lacnic.net/mailman/listinfo/lacnog</a><br>
Cancelar suscripcion: <a href="https://mail.lacnic.net/mailman/options/lacnog" rel="noreferrer" target="_blank">https://mail.lacnic.net/mailman/options/lacnog</a><br>
</blockquote></div>