[ppml] ARIN Certificates

Geoff Huston gih at apnic.net
Thu Apr 21 23:04:53 EDT 2005

At 09:46 AM 22/04/2005, Sanjaya wrote:
>Randy Bush wrote:
>>    "dear customer: we can no longer announce your prefix because
>>     apnic has revoked our certificate due to a billing problem and
>>     our bgp neighbors will no longer accept our sbgp announcements.
>>     of course, you may not get this email, so what the heck."
>>not a chance in hell.  a cert is your certifying my identity, not
>>my membership or billing status.
>I can see your point Randy. But what would an ISP do if a customer 
>defaulted their payment? Wouldn't you stop the service? Wouldn't the 
>customer lose their 'right to use' (using RFC3779 terminology) the prefix?

  I think you are reading too much into this. CRLs are part of the 
certificate infrastructure, and to immediately leap to assumptions 
about  the reasons for entering a cert on a CRL  appears to me to be a 
distinct topic about certificate practices.

If your question _really_ was Randy "would all RIRs use an identical CPL?" 
then I'm not sure that I  have a clear idea of the Right Things and some 
discussion of that topic on this and related RIR forums would be, of 
course, helpful.



More information about the ARIN-PPML mailing list