In message <email@example.com>, Paul Ferguson write
>Of course, if by "known route" you mean known because it is in the
>IRR, and the IRR is known to be reliable, then I accept your argument
>but caution that the IRR is not always reliable, but this is yet
>another reason to make it more reliable.
This is also a valid argument for *not* relying on the IRR for security
I agree with you on this point but I don't think the security issues
with the IRR are unsolvable. Making sure hierarchical authorization
changes are deployed at all registries and enabling the PGP
authentication would certainly help.
Hierarchical authorization would require that registries recognize
IANA as the numbering authority and install top level objects based on
IANA top level delegations. This would require a strong tie between
numbering allocations and routing registry. Right now any bozo can
come along and claim a quarter or half the number space.