ARIN believes that they have a right to limit distribution of this RSA public key (used for verification of routing security): https://www.arin.net/resources/rpki/arin-rfc7730.tal (This is basically an X.509 subjectPublicKeyInfo, which can be parsed with openssl asn1parse.) And they are arguing that people cannot download this file from a well-known location without first agreeing to some conditions. Does everybody agree that this is bullshit and that we can distribute this data in Debian packages as much as we like? Let's assume that the package maintainer has received the TAL file anonymously by email, so there is no issue of actually entering in a contract with ARIN. (Please Cc: me on replies.) -- ciao, Marco
Attachment:
signature.asc
Description: PGP signature