--- 1/draft-ietf-grow-irr-routing-policy-considerations-04.txt 2014-08-27 14:14:31.830017640 -0700 +++ 2/draft-ietf-grow-irr-routing-policy-considerations-05.txt 2014-08-27 14:14:31.870018634 -0700 @@ -1,25 +1,25 @@ GROW Working Group D. McPherson Internet-Draft Verisign, Inc. Intended status: Informational S. Amante -Expires: February 27, 2015 Level 3 Communications +Expires: February 28, 2015 Level 3 Communications E. Osterweil Verisign, Inc. L. Blunk Merit Network, Inc. D. Mitchell Twitter, Inc. - August 26, 2014 + August 27, 2014 IRR & Routing Policy Configuration Considerations - + Abstract The purpose of this document is to catalog past issues influencing the efficacy of Internet Routing Registries (IRR) for inter-domain routing policy specification and application in the global routing system over the past two decades. Additionally, it provides a discussion regarding which of these issues are still problematic in practice, and which are simply artifacts that are no longer applicable but continue to stifle inter-provider policy-based 
@@ -33,21 +33,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on February 27, 2015. + This Internet-Draft will expire on February 28, 2015. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -159,21 +159,21 @@ 4.1. Lack of Resource Certification Internet number resources include IPv4 addresses, IPv6 addresses, Autonomous System Numbers (ASNs), and more. While these resources are generally allocated by hierarchical authorities, a general mechanism for formally verifying (such as through cryptographic mechanisms) when parties have been allocated resource remains an open challenge. We generally define such a system a Resource Certification System, and we note that some candidate examples of how such a general system might be implemented and deployed exist - [RC_HotNetsX], [RFC6480]. + [TASRS], [RC_HotNetsX], [RFC6480]. One of the largest weaknesses often cited with the IRR system is that the data contained within the IRRs is out of date or lacks integrity. This is largely attributable to the fact that existing IRR mechanisms do not provide ways for a relying party to (cryptographically) verify the validity of an IRR object. That is, there has never existed a resource certification infrastructure that enables a resource holder to authorize a particular autonomous system to originate network layer reachability advertisements for a given IPv4 or IPv6 prefix. It should be noted that this is not a weakness of the underlying @@ -753,20 +753,26 @@ Policies and Procedures", Foundation Policy http://www.ripe.net/ripe/docs/ripe-452. [RPKI_SIZING] Osterweil, E., Manderson, T., White, R., and D. McPherson, "Sizing Estimates for a Fully Deployed RPKI", Verisign Labs Technical Report 1120005 version 2 http:// techreports.verisignlabs.com/ tr-lookup.cgi?trid=1120005&rev=2. + [TASRS] Osterweil, E., Amante, S., and D. McPherson, "TASRS: + Towards a Secure Routing System Through Internet Number + Resource Certification", Verisign Labs Technical Report + 1130009 http://techreports.verisignlabs.com /tr- + lookup.cgi?trid=1130009&rev=1. + Authors' Addresses Danny McPherson Verisign, Inc. Email: dmcpherson@verisign.com Shane Amante Level 3 Communications 1025 Eldorado Blvd
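Review bot: in the Section 4.1 hunk (@@ -159), the sentence that gains the [TASRS] citation still carries two grammar slips in its unchanged context: "have been allocated resource remains" and "define such a system a Resource Certification System". Since this revision already edits that sentence's citation list, suggest fixing them in the same pass to "have been allocated resources" and "define such a system as a Resource Certification System".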
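Review bot: in the references hunk (@@ -753), the URL of the new [TASRS] entry is split as "http://techreports.verisignlabs.com /tr-" followed by "lookup.cgi?trid=1130009&rev=1.", with a space before "/tr-" and the wrap falling directly after the hyphen. A reader cannot tell whether that hyphen is part of the path or a line-wrap artifact, and the URL will not resolve when copied. The neighbouring [RPKI_SIZING] entry keeps "tr-lookup.cgi" on one line and breaks only at "/" boundaries; suggest doing the same here so the link survives rendering.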