[Community-Discuss] Blog Published this week
Nishal Goburdhan
nishal at controlfreak.co.za
Thu Apr 15 19:43:45 UTC 2021
On 15 Apr 2021, at 21:06, Ronald F. Guilmette wrote:
> In message <04590609-E26B-4C6D-9E83-4134E3F525C2 at afrinic.net>,
> AFRINIC Communication <comms at afrinic.net> wrote:
>
>> As we find ourselves turning to the Internet more and more to
>> manage our lives, internet routing and security becomes an
>> increasingly important topic. This is why Resource Public Key
>> Infrastructure (RPKI) is crucial.
>
> My hope is that most people on this list already know this fact.
rpki is hardly crucial [1] :-) it is an_*important* step in securing
the internet, but it is not the *only* element that warrants addressing
inside a network. heck, it’s probably not even the *first* thing that
most networks should be doing! [2]. and there’s a very real problem,
with people thinking that “rpki will fix $this!” when, rpki won’t.
that’s not to say that you should not work at implementing rpki for
your network. just do *not* do this in isolation. *that* is the fact,
that i hope most people grok. follow the trail from bcp38 (rfc 2827,
and the later ones in the series..) instead.
> Maybe you should focus instead on explaining the importance of
> RPKI to some of the Tier 0 providers, sich as Cogent (AS174) and
> Telia (AS1299)..
cogent and telia are already dropping rpki invalids, and have for some
time.
your favourite internet search engine should help you find the
appropriate press releases by the respective parties.
> https://bgp.he.net/AS398968
that is not a real-time view; even the good people at he.net will tell
you so.
-n.
[1] dns, otoh ..
[2] register, fix, ad automate your IRR entries *first*. then, ..
More information about the Community-Discuss
mailing list