Reply to comment:
Marco Gioanola •
I'm glad to see that the DNS root infrastructure is taken as an example of the kind of robustness that RPKI should have. I'm also glad to read that you recognize that "if this trust is broken, the entire system is compromised". However, in this last aspect, a hierarchical PKI will always fail to provide the needed redundancy and fault tolerance, because it's a centralized infrastructure with the root CA as its single point of failure. In other words, in addition to building an infrastructure where the risk of the root CA being compromised or unavailable is extremely low, you should also plan for what to do *when* the root CA is compromised. If we don't consider that, we're not taking PKI seriously. Let's think about the long term: in the perfect world where everybody has ROAs and everybody does ROV in real time and filters routes for prefixes that are in the *unknown* state, what's the plan in case the root CA's keys are compromised or unavailable? Personally, I believe that we should think of ways to move away from this centralized hierarchical model. Delegated RPKIs are a step in the right direction, but do not really remove the SPoF. Cross-signing of ROAs between the five RIRs could be another way to increase the redundancy of the system and avoid "breaking the internet" in case one RIR is compromised.