[arin-ppml] Revisit RPKI TAL Relying Party Agreement?

Job Snijders job at ntt.net
Wed Feb 1 03:48:49 EST 2017


Hi Owen,

On Tue, Jan 31, 2017 at 06:41:39PM -0800, Owen DeLong wrote:
> RPKI doesn’t secure BGP.
> 
> All it does is provide a cryptographically signed mechanism by which
> you can suggest what ASN should be forged as the origin of a route that
> you want to hijack.

That feels like a misconstrued statement.

You highlight a subset of RPKI: a feature that are commonly available
today. There is potentially far more that can be done with the RPKI,
such as the distribution and validation of router certificates,
manifests and other statements related to network management.

The RPKI stands for "Resource Public Key Infrastructure", it is a public
key infrastructure framework of which you currently only see one
application.

It is important in this discussion to recognise the value and potential
of the RPKI.

Kind regards,

Job



More information about the ARIN-PPML mailing list