[ARIN-Suggestions] NOW CLOSED - ACSP 2018.14: Support RRDP for RPKI Publication
ARIN
info at arin.net
Mon Dec 9 13:06:11 EST 2019
On 9 December, we issued the following closing message for ACSP
2018.14:Support RRDP for RPKI Publication:
Thank you for your suggestion, numbered 2018.14 on confirmed receipt,
asking that ARIN support the RRDP protocol (RFC8182) for RPKI
publication. We have completed this work with our most recent deployment.
Because this work has been completed, we are closing your suggestion.
Thank you for your participation in the ARIN Consultation and Suggestion
Process.
****
For reference, the suggestion is available at:
https://www.arin.net/vault/participate/acsp/suggestions/2018-14.html
Description:
Support the RRDP protocol (RFC8182) for RPKI publication, just like the
RIPE NCC and APNIC already do.
Value to Community:
Currently, ARIN only makes the RPKI dataset available over rsync, which
has several downsides:
1. When RPKI relying party software is used on a client system, it
has a dependency on rsync. Different versions and different supported
options (such as --contimeout) cause unpredictable results. Furthermore
calling rsync is inefficient (additional process, and the output can
only be verified by scanning the disk).
2. Scaling becomes more and more problematic as the global RPKI
data set grows and more operators download and validate data, as with
rsync the server in involved in processing the differences.
To overcome these limitations the RRDP protocol was developed, which
relies on HTTPS. RRDP was specifically designed for scaling and allows
CDNs to participate in serving the RPKI data set globally, at scale. In
addition, HTTPS is well supported in programming languages so
development of relying party software becomes easier and more robust.
Regards,
The American Registry for Internet Numbers (ARIN)
More information about the arin-suggestions
mailing list