This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/routing-wg@ripe.net/
[routing-wg] RPKI Validator 3: disable fetching from certain repos?
- Previous message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
- Next message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
George Michaelson
ggm at algebras.org
Fri Oct 12 11:12:18 CEST 2018
There is a problem with the RRDP pub-point in TWNIC which we (APNIC) are discussing with them. They did not appreciate at first that a 443 bound service would have to be publicly visible and wish to re-architect things to move this to a place outside their firewall. It doesn't appear logistically simple to disable the certificated declaration right now, I think we might have an operations discussion about timeouts and risks here. Basically, "they know there is a publicly visible problem" and "they are working on it" -George On Thu, Oct 11, 2018 at 11:15 PM nusenu <nusenu-lists at riseup.net> wrote: > > > > nusenu: > > https://rpki.cnnic.cn/rrdp/notify.xml: java.util.concurrent.TimeoutException > > https://rpkica.twnic.tw/rrdp/notify.xml: java.util.concurrent.TimeoutException > > > are they generally unavailable or are they just answering to a limited set of source IPs? > (depending on geolocation of the source IP) > > -- > https://twitter.com/nusenu_ > https://mastodon.social/@nusenu >
- Previous message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
- Next message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]