RE: Issue AS and Subnet Announcement on BGP - Conflict with a major TelCO - 30h+ of route flapping unresolved

Maybe they should?

Or at least provide a database that is signed so that people can check
what is getting announced vs what was really allocated at least off
line.

Normally I'm rather loath to send urls around - but in this case you may find this APNIC work directly relevant to what you are asking for:

http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf

I also did some work a year or so back on the differences between announced vs allocated prefixes.

http://www.potaroo.net/presentations/2004-05-01-allocation-vs-announcement.pdf

At the time (May 2004) it appeared that the message was getting through and the fragmentation of allocations was decreasing. I have not re-run the scripts recently to confirm if this is still the case.

regards,

  Geoff

Geoff Huston wrote:

> Normally I'm rather loath to send urls around - but in this case you
> may find this APNIC work directly relevant to what you are asking for:
>
> http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf

It's really good to see this taking off in the APNIC region, but the big
question: is there any movement in RIPE and ARIN!? A joint effort for
this would be nice and also allow testing across the world. Also if the
certs are deployed in APNIC I am sure that quite some ISPs on this side
of the planet want to verify what is getting announced what they don't
want to see :wink: I found that the sig-ca mailing list is a closed list.

Greets,
Jeroen

PS: For people who didn't see it yet "BGP - The Movie" @
http://www.apnic.net/news/hot-topics/index.html#history

Geoff Huston wrote:
>
> Normally I'm rather loath to send urls around - but in this case you
> may find this APNIC work directly relevant to what you are asking for:
>
> http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf

It's really good to see this taking off in the APNIC region, but the big
question: is there any movement in RIPE and ARIN!?

Well the 'standard' answer is that the way to get your RIR to commit to a service is to actively advocate in the relevant forums in your local region that this is an important member service that needs some level of priority in terms of work schedules.

However, it's also the case that this particular item has already attracted some detailed attention across the RIRs and there are considerable levels of liaison within the RIRs based around APNIC's committed schedule of activity. So if the regional policy forums say "it's a good thing to do" and the RIR members say "yes, it's a really good thing, let's do it" then doubtless you will see schedules and deliverables from all RIRs in relatively short order. So, as with any membership-based organization, it's a two-way thing - the members have to also play their part in saying loudly and clearly what they want in terms of services.

A joint effort for
this would be nice and also allow testing across the world. Also if the
certs are deployed in APNIC I am sure that quite some ISPs on this side
of the planet want to verify what is getting announced what they don't
want to see :wink: I found that the sig-ca mailing list is a closed list.

We are certainly not planning for such a restricted outcome, and we at APNIC would definitely like to see this as a complete service across all RIRs, of course.

regards,

     Geoff