[ppml] ARIN Certificates
Geoff Huston
gih at apnic.net
Thu Apr 21 23:04:53 EDT 2005
At 09:46 AM 22/04/2005, Sanjaya wrote:
>Randy Bush wrote:
>
>> "dear customer: we can no longer announce your prefix because
>> apnic has revoked our certificate due to a billing problem and
>> our bgp neighbors will no longer accept our sbgp announcements.
>> of course, you may not get this email, so what the heck."
>>not a chance in hell. a cert is your certifying my identity, not
>>my membership or billing status.
>
>I can see your point Randy. But what would an ISP do if a customer
>defaulted their payment? Wouldn't you stop the service? Wouldn't the
>customer lose their 'right to use' (using RFC3779 terminology) the prefix?
I think you are reading too much into this. CRLs are part of the
certificate infrastructure, and to immediately leap to assumptions
about the reasons for entering a cert on a CRL appears to me to be a
distinct topic about certificate practices.
If your question _really_ was Randy "would all RIRs use an identical CPL?"
then I'm not sure that I have a clear idea of the Right Things and some
discussion of that topic on this and related RIR forums would be, of
course, helpful.
regards,
Geoff
More information about the ARIN-PPML
mailing list