On Sat, Jan 23, 2021 at 5:02 AM Eliot Lear <lear@xxxxxxxxx> wrote:
Hi everyone,As Nick Hillard pointed out, this came up in December on the IPv6 list. The registry is managed by Nico Schottelius and Ungleich[1]. Does that make this registry The Registry? Perhaps not. Does it address the Sybil attack? No.
There is clearly demand for such registration, given that there is already a registry of over 5,000 networks, and it is clear that Ungleich is satisfying that demand. This raises some questions. It may be the case that a listing may lead to people believing that they are somehow guaranteed that their use is indeed unique, when in fact no such guarantee can be made or kept under the current scheme. Also I think there are some tough questions that may need to be resolved around points of contact and relevant laws. These are things that both ICANN and the various RIRs have paid considerable attention to
It is non routable space. So a point of contact isn't very useful. What are the laws that you think might apply? We haven't taken much notice of international communications laws in the past. And ICANN only started paying attention to EU privacy law when they realised that they were about to be whacked with a very expensive lawsuit.
One might ask: why aren’t people just going through the RIR system to get globally routable space?
Because that is a registration that only exists on sufferance of the RIR. Case in point, Parler is about to be kicked off the net again as their IPv4 and IPv6 assignments are pulled.
The RIRs already have too much power. We should not extent their monopoly into non-routable space.
One of the key principles of stewardship of the address space in the past as been efficiency. Another has been aggregation.
Aggregation is precisely the thing that distinguishes routable from non-routable allocation and it shows the reason why the random allocation approach to ULAs is bjorked. For purposes of routing, IPv6 is really a 64 bit space, not a 128 bit space and the lower 64 bits are intended for 'local' use. So you want aggregation, you certainly want allocations to be significantly larger than a /64. A /48 looks like the right size. Particularly since the routing address space is a 32 bit AS number
Allocating in /48 blocks for non routable space where aggregation is irrelevant makes very little sense to me.
Here are some considerations the IAB, RIRs Nico, Phil, you Fernando, and other interest parties, might reasonably discuss:
- Are those principles are still being observed at the RIRs and how they have evolved,
- What are the blockers to using an RIR block?
They can be taken away and the RPKI is based on a completely inappropriate technology for the task.
3) What should the applicable principles be?
Personal autonomy of Internet users.
4) Are there risks to the Internet ecosystem of which ungleich (and similar) registry uses should be aware?
5) What are the relevant policies that need to be incorporated into any new registry?
6) What prefix should be used?
Set up an IANA registry and allocate /32s (or less) in FC00::/8. The first 256 registries that come and ask for allocations get a /32. The next 1024 get a /30 and so on.
If any registry can show they have allocated 75% of their initial allocation, they get an allocation four times larger.
7) Were there to be a more “official” registry, what are the roles of the various players, including this community, ICANN, the RIRs, ungleich, etc? And
The WebPKI has never had an official registry. But it worked because instead of asking for permission, we went ahead and did it. Over numerous objections from IETF community.
8) And who gets to decide these questions?
Well not the incumbent providers. And especially not when Big Tech is in the crosshairs on capitol hill and there are multiple Federal and civil anti-Trust suits being thrown about. The EFF's blatant lying about the PIR allowed them to fill their coffers bilking the rubes but left ISOC and therefore IETF with the conflict of interest.
If that sounds like an IAB workshop or a program or a BoF… well… It could be that the IAB and the RIRs have crisp answers to all of these questions. In which case, I’m talking about an email or perhaps a statement that satisfies at least my curiosity and apparently those of others ;-)
Or we could do an experiment and then walk back the cat on lessons learned.
The current status of my code is that the Mesh now passes all its unit tests, I am just working on coding a robust server with sufficient instrumentation etc. I will be adding the callsign registry in another couple of months. Once that code is ready, I launch. Adding the IPv6 ULA allocation to the callsign registry is 4 hours coding and 20 testing.
One aspect with which I take great issue is that this should even be considered for IPv4. IMHO, that would be getting blood from a stone.
At the very start of this thread, I pointed out that the motivation for all this is precisely the fact that 10.0.0.0 simply isn't big enough. It is worth considering but only to know why it can't work.