[arin-ppml] Revisit RPKI TAL Relying Party Agreement?

Owen DeLong owen at delong.com
Thu Feb 2 20:41:19 EST 2017


> On Feb 1, 2017, at 00:48 , Job Snijders <job at ntt.net> wrote:
> 
> Hi Owen,
> 
> On Tue, Jan 31, 2017 at 06:41:39PM -0800, Owen DeLong wrote:
>> RPKI doesn’t secure BGP.
>> 
>> All it does is provide a cryptographically signed mechanism by which
>> you can suggest what ASN should be forged as the origin of a route that
>> you want to hijack.
> 
> That feels like a misconstrued statement.
> 
> You highlight a subset of RPKI: a feature that are commonly available
> today. There is potentially far more that can be done with the RPKI,
> such as the distribution and validation of router certificates,
> manifests and other statements related to network management.
> 
> The RPKI stands for "Resource Public Key Infrastructure", it is a public
> key infrastructure framework of which you currently only see one
> application.
> 
> It is important in this discussion to recognise the value and potential
> of the RPKI.
> 
> Kind regards,
> 
> Job

Does any RIR or any other place have even a specification for those other
purposes, let alone actual implementation?

If not, then I stand by my statement as regards the current state of the RPKI.

Owen




More information about the ARIN-PPML mailing list