[connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
- Previous message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
- Next message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Marco d'Itri
md at linux.it
Thu Jun 6 11:54:01 CEST 2024
On Jun 06, "Mullally, Ronan via connect-wg" <connect-wg at ripe.net> wrote: > But if a bad actor manages to masquerade as somebody else’s ASN, > either directly or via ‘downstream’ routes then neither of the above > help. If anything there is a risk that if we blindly consider a route > that matches a route object / ROA to be beyond doubt we may be less > able to identify such actions. Of course, this is obvious. But we are trying to solve only one aspect of the problem: by not using anymore the unauthenticated IRRs we will have removed a whole class of possibile hijackings. For the others indeed other technologies will be needed. -- ciao, Marco -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: not available URL: <https://lists.ripe.net/ripe/mail/archives/connect-wg/attachments/20240606/4aef1677/attachment.sig>
- Previous message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
- Next message (by thread): [connect-wg] BCOP for the use of IRR DBs in IXP RS - Last call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]