[Community-Discuss] 06 April 2019 RPKI incident - Postmortem report

Noah noah at neo.co.tz
Wed Apr 10 13:57:42 UTC 2019


On Wed, Apr 10, 2019 at 4:04 PM Owen DeLong <owen at delong.com> wrote:

> If you automate the process, you have to store the private key in a manner
> in which it can be accessed automatically.
>

The only process that needs automation is the timing of when certificates
expire next [1] so as to best inform the humans and invoke pro-activeness
which includes offline testing to avoid any human errors that may result in
live production.

Noah
[1] they indicated the monitoring system picked the issue up but perhaps
more pro-activeness and offline testing to avoid human errors in the future
would come in handy.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/community-discuss/attachments/20190410/24e16885/attachment.html>


More information about the Community-Discuss mailing list