This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/routing-wg@ripe.net/
[routing-wg] RPKI vulnerable?
- Previous message (by thread): [routing-wg] RPKI vulnerable?
- Next message (by thread): [routing-wg] RPKI vulnerable?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Warren Kumari
warren at kumari.net
Fri Feb 18 16:02:26 CET 2022
On Fri, Feb 18, 2022 at 4:09 AM Job Snijders via routing-wg < routing-wg at ripe.net> wrote: > Hi all, > > It might be the case that the vulnerability is in the realm of > disagreement with some design choices of the past, rather than a > traditional CVE hole in one or more software packages. > I'd certainly hope that it isn't that you can just spoof the valid origin AS... I recently had someone come to me with this *shocking* discovery and ask about how to disclose it. This was the same person who alerted me to the also *shocking* discovery that longest-match wins, and so just twiddling local-pref doesn't save you. W > I found the following paper which touches upon the “assumed trust” aspect > of RPKI in the relationship between Relaying Party and Trust Anchor(s). > > > https://www.researchgate.net/publication/349045074_Privacy_Preserving_and_Resilient_RPKI > > I’m very interested in discussion about cross-signing schemes. > > Kind regards, > > Job > -- > > To unsubscribe from this mailing list, get a password reminder, or change > your subscription options, please visit: > https://mailman.ripe.net/ > -- Perhaps they really do strive for incomprehensibility in their specs. After all, when the liturgy was in Latin, the laity knew their place. -- Michael Padlipsky -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/routing-wg/attachments/20220218/1d261950/attachment.html>
- Previous message (by thread): [routing-wg] RPKI vulnerable?
- Next message (by thread): [routing-wg] RPKI vulnerable?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]