This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[routing-wg] Prefix hijacking possibility
- Previous message (by thread): [routing-wg] Prefix hijacking possibility
- Next message (by thread): [routing-wg] Prefix hijacking possibility
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alex Band
alexb at ripe.net
Sun Feb 20 11:45:31 CET 2011
Hi Amer, In order to help mitigate route hijacking issues, it is considered good practice to register your announcements as route objects in an Internet Routing Registry such as the RIPE Database. This allows other to base routing decisions on them, using filters. A new alternative is the RIPE NCC Resource Certification service, which was launched at the beginning of this year. This allows you to get a digital certificate for your IP address blocks and create Route Origin Authorisation (ROA) objects, which essentially state "From this Autonomous System, I shall announce these prefixes". This allows anyone on the Internet to *validate* if a certain route announcement has a valid ROA associated with it, created by the legitimate holder of the address space. You can find more information here: http://ripe.net/certification And here is a quick-tour: http://youtu.be/Q0C0kEYa1d8 Kind regards, Alex Band Product Manager, RIPE NCC On 18 Feb 2011, at 16:10, Amer wrote: > Hi all > I would like to ask you about what is the possibility of prefix hijacking by ISP after implementing the last RIPE's prefix advertisement procedures > Is their an official documents regard that? > > Best regards >
- Previous message (by thread): [routing-wg] Prefix hijacking possibility
- Next message (by thread): [routing-wg] Prefix hijacking possibility
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]