|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: So -- what did happen to Panix?
Todd Underwood wrote: >> seems to me that certified validation of prefix ownership and as >> path are the only real way out of these problems that does not >> teach us the 42 reasons we use a *dynamic* protocol. >certified validation of prefix ownership (and path, as has been >pointed out) would be great. it's clearly a laudable goal and seemed >like the right way to go. but right now, no one is doing it. the >rfcs that's i've found have all expired. and the conversation about >it has reached the point where people seem to have stopped even >disagreeing about how to do it. in short, it's as dead as dns-sec. >so what are we do do in the meantime? (a) I'd hardly say dead - there's the sidr work starting up in the IETF with vendor/operator/registry participation. And there was a panel discussion at the last NANOG about government efforts to assemble the right people (vendors/operators/registries/etc) to work on routing infrastructure security - and prefix origination was one of the biggest item on everyone's list of goals/hopes/longings/dreams. (Truth in advertising: I've been one of those involved in the gov't sponsored workshops.) (b) dnssec isn't dead - there's serious work afoot to get it deployed. Sweden and RIPE have signed their zones. There are web sites that point to work going on, if you'd like to know more: www.dnssec-deployment.org www.dnssec.net (Truth in advertising: I work with people who are working on this.) (z) I think you mean internet drafts, not rfcs. I don't think there have been any rfcs (would there were - we'd be in a different situation), and rfcs don't expire. --Sandy
|