[rssac-caucus] FOR REVIEW: Elements of Potential Root Operators

Terry Manderson terry at terrym.net
Thu Sep 8 00:26:47 UTC 2016 

Caucus,

Speaking as just a caucus member,

I am very concerned about section 3.3.7

=-=-=-=-=-=-=
3.3.7 Address Registries

The candidate operator’s address space SHOULD be registered in one of the Regional Internet Registry (RIR) public databases. The candidate SHOULD have entries in relevant public routing registries, and if possible Route Origin Authorization (ROA) objects in relevant Resource Public Key Infrastructure (RPKI) registries for their IPv4 and IPv6 address space.
=-=-=-=-=-=-=

I fully understand what RPKI (and BGPSEC) are meant to do, and I applaud that effort. However in this context My concern comes from two directions:

1) Looking at the diversity principle, any thus by extension, we have currently exactly 5 regional internet registries (and no more on the horizon) for currently 12 operators. So in effect if all operators adopt the SHOULD we are reducing the attack vector diversity for a key component of operating a root server.

2) The RPKI and BGPSEC is fairly well thought out, however I don't believe there is depth of experience there yet. 

For both of these reasons, I believe it is premature for RSSAC to make RPKI an element of a potential root operator without a deeper investigation into the benefits and risks (and scenarios of attack) of RPKI in the context of the root server system and the resiliency expected.

Cheers
Terry

> On 7 Sep 2016, at 6:42 AM, Andrew Mcconachie <andrew.mcconachie at icann.org> wrote:
> 
> Dear RSSAC Caucus,
> 
> On behalf of the work party for RSSAC Workshop 2 Statement 4, attached please find Key Technical Elements of Potential Root Operators.
> 
> This work party first met on June 23, 2016 and roughly every other week thereafter. For more information on the creation of this work party, please see the section on Evolution from the Report from the 2nd RSSAC Workshop.
> 
> https://www.icann.org/en/system/files/files/rssac-workshop-26jun16-en.pdf
> 
> The work party invites you to review this document and provide your feedback by close of business 4 October 2016.
> 
> Feedback should be sent to the RSSAC Caucus list directly.
> 
> There will also be two teleconferences held to discuss this document and capture feedback. Doodle polls for exact times forthcoming.
> September 15th
> September 22nd
> 
> Thanks,
> Andrew
> 
> <Elements_of_Potential_Root Operators.docx>
> <Elements_of_Potential_Root Operators.pdf>
> _______________________________________________
> rssac-caucus mailing list
> rssac-caucus at icann.org
> https://mm.icann.org/mailman/listinfo/rssac-caucus

More information about the rssac-caucus mailing list