[arin-ppml] Revisit RPKI TAL Relying Party Agreement?
job at ntt.net
Wed Feb 1 03:48:49 EST 2017
On Tue, Jan 31, 2017 at 06:41:39PM -0800, Owen DeLong wrote:
> RPKI doesn’t secure BGP.
> All it does is provide a cryptographically signed mechanism by which
> you can suggest what ASN should be forged as the origin of a route that
> you want to hijack.
That feels like a misconstrued statement.
You highlight a subset of RPKI: a feature that are commonly available
today. There is potentially far more that can be done with the RPKI,
such as the distribution and validation of router certificates,
manifests and other statements related to network management.
The RPKI stands for "Resource Public Key Infrastructure", it is a public
key infrastructure framework of which you currently only see one
It is important in this discussion to recognise the value and potential
of the RPKI.
More information about the ARIN-PPML