This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
- Previous message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
- Next message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Marco d'Itri
md at linux.it
Thu Jun 6 11:54:01 CEST 2024
On Jun 06, "Mullally, Ronan via connect-wg" <connect-wg at ripe.net> wrote: > But if a bad actor manages to masquerade as somebody else’s ASN, > either directly or via ‘downstream’ routes then neither of the above > help. If anything there is a risk that if we blindly consider a route > that matches a route object / ROA to be beyond doubt we may be less > able to identify such actions. Of course, this is obvious. But we are trying to solve only one aspect of the problem: by not using anymore the unauthenticated IRRs we will have removed a whole class of possibile hijackings. For the others indeed other technologies will be needed. -- ciao, Marco -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: not available URL: </ripe/mail/archives/connect-wg/attachments/20240606/4aef1677/attachment.sig>
- Previous message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
- Next message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]