[arin-tech-discuss] silent expiration of ARIN RPKI objects

Danny McPherson danny at tcb.net
Fri Feb 1 22:45:17 EST 2013

On Feb 1, 2013, at 1:34 PM, Jay Borkenhagen <jayb at braeburn.org> wrote:

> Thank you, but why couldn't a ROA request include an explicit
> indication that the party making the request wants it to auto-renew?

Interesting..  Put crypto there and expiry mechanisms in place, but ARIN needs an auto-renew ad infinitum option?  Isn't that primitive (no expiry) one of a few that led to all the stale data in the IRRs that everyone hates so much?  

What should they do if the CA, prefix, or AS certs are going to expire?  

Or Router EE Certs (derived from AS certs) that make [BGPSEC] routing work?


More information about the arin-tech-discuss mailing list