[arin-ppml] Revisit RPKI TAL Relying Party Agreement?
Owen DeLong
owen at delong.com
Thu Feb 2 20:41:19 EST 2017
> On Feb 1, 2017, at 00:48 , Job Snijders <job at ntt.net> wrote:
>
> Hi Owen,
>
> On Tue, Jan 31, 2017 at 06:41:39PM -0800, Owen DeLong wrote:
>> RPKI doesn’t secure BGP.
>>
>> All it does is provide a cryptographically signed mechanism by which
>> you can suggest what ASN should be forged as the origin of a route that
>> you want to hijack.
>
> That feels like a misconstrued statement.
>
> You highlight a subset of RPKI: a feature that are commonly available
> today. There is potentially far more that can be done with the RPKI,
> such as the distribution and validation of router certificates,
> manifests and other statements related to network management.
>
> The RPKI stands for "Resource Public Key Infrastructure", it is a public
> key infrastructure framework of which you currently only see one
> application.
>
> It is important in this discussion to recognise the value and potential
> of the RPKI.
>
> Kind regards,
>
> Job
Does any RIR or any other place have even a specification for those other
purposes, let alone actual implementation?
If not, then I stand by my statement as regards the current state of the RPKI.
Owen
More information about the ARIN-PPML
mailing list