This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[routing-wg] RPKI vulnerable?

Previous message (by thread): [routing-wg] RPKI vulnerable?
Next message (by thread): [routing-wg] RPKI vulnerable?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rubens Kuhl rubensk at gmail.com
Fri Feb 18 16:08:32 CET 2022

It could also be that all 5 RIRs have trust roots for 0/0, so if you
get a different RIR to sign with a different origin (including AS 0),
that network is going to be unreachable at a lot of locations.


Rubens

On Fri, Feb 18, 2022 at 7:09 AM Job Snijders via routing-wg
<routing-wg at ripe.net> wrote:
>
> Hi all,
>
> It might be the case that the vulnerability is in the realm of disagreement with some design choices of the past, rather than a traditional CVE hole in one or more software packages.
>
> I found the following paper which touches upon the “assumed trust” aspect of RPKI in the relationship between Relaying Party and Trust Anchor(s).
>
> https://www.researchgate.net/publication/349045074_Privacy_Preserving_and_Resilient_RPKI
>
> I’m very interested in discussion about cross-signing schemes.
>
> Kind regards,
>
> Job
> --
>
> To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://mailman.ripe.net/

Previous message (by thread): [routing-wg] RPKI vulnerable?
Next message (by thread): [routing-wg] RPKI vulnerable?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ routing-wg Archives ]