North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
cross-registry interactions was Re: BGP ... & PKI...
At 17:06 -1000 11/23/05, Randy Bush wrote:
Sometimes I think you are right about this and sometimes I think you are wrong about this. It just may be that you are thinking only about the "right" half, but "operation" of the registry to some means the policy process too.i have been whining about the problems of cross-registry operation for over a decade, formally, informally, presos, ... i have had it on every rir's meeting agenda (except lacnic) for many years. do i need to iterate for every ort of service the registries provide?
Where I see this as "wrong" is: There are five distinct RIRs for a reason, to be attuned to local needs. The domain name industry has one "RIR" asserting authority and we see the political fallout of that. Having the five RIRs locked together would certainly benefit (usually the larger) organizations that deal across RIR boundaries, most likely (and I say that without certainty or accusation) to the detriment of smaller organizations tuned to the needs within one RIR.
I think it's very important that we keep the policy processes - the decision making part, and even discussion - separate. Yes, that means it takes a long time to get a "global" (effectively, one involving IANA) policy through.
On the other hand, you are "right" when it comes to the technical services rendered and the interfaces used. That's because the use of the data is global, no doubt about that. A student sending mail from Africa to Asia will traverse two or three RIR area networks, just to show how 1 consumer can cause a cross-RIR event.
One of the dynamics I see happening now is that the RIRs are independently developing some advanced services. RIPE into DNSSEC, APNIC into certificates, LACNIC into IRIS and unifying the RIR WhoIs data. These advancements happen locally much faster than globally, as is true with any innovation. "Failed" attempts at advancement will be easier to recover from too. Eventually we want these services to be global, but in development I expect differences.
Keep in mind that the RIRs were originally cobbled together out of different cloth. Unifying the service interface will take an investment in doing that. This is why I have made comments at ARIN meetings about providing technical input to ARIN - trying to define a way to have the community, or even just the membership, inform ARIN on what service interfaces we would like to see in an open, reviewable arena. ARIN has this for policies, but the path towards service upgrades is not as well defined.we are the registries' customers. many of us, especially the ones who pay the registries the most, have to deal with multiple registries. can the registries please get over the inter-registry rivalry and make life more reasonable for us, the paying members?
It's one thing to lay heat at the feet of organizations, it's another to make clear the reason for the heat.
The upside of this is that it directly addresses the routing problem - ISPs get to determine who they trust for the data they rely on. On the other hand, ultimately a web of trust has to fair to newcomers, not rely on superficial "popularity", and obviously scaleable.where as before i was merely inclined, this has just made me an extremely strong proponent of the isp web of trust identity model.
Edward Lewis +1-571-434-5468
3 months to the next trip. I guess it's finally time to settle down and
find a grocery store.