[Community-Discuss] Blog Published this week

[Nishal Goburdhan]

On 15 Apr 2021, at 21:06, Ronald F. Guilmette wrote:


> In message <04590609-E26B-4C6D-9E83-4134E3F525C2 at afrinic.net>,

> AFRINIC Communication <comms at afrinic.net> wrote:

>

>> As we find ourselves turning to the Internet more and more to

>> manage our lives, internet routing and security becomes an

>> increasingly important topic. This is why Resource Public Key

>> Infrastructure (RPKI) is crucial.

>

> My hope is that most people on this list already know this fact.


rpki is hardly crucial [1] :-)  it is an_*important* step in securing 
the internet, but it is not the *only* element that warrants addressing 
inside a network.  heck, it’s probably not even the *first* thing that 
most networks should be doing! [2].   and there’s a very real problem, 
with people thinking that “rpki will fix $this!” when, rpki won’t.

that’s not to say that you should not work at implementing rpki for 
your network.  just do *not* do this in isolation.  *that* is the fact, 
that i hope most people grok.  follow the trail from bcp38 (rfc 2827, 
and the later ones in the series..) instead.



> Maybe you should focus instead on explaining the importance of

> RPKI to some of the Tier 0 providers, sich as Cogent (AS174) and

> Telia (AS1299)..


cogent and telia are already dropping rpki invalids, and have for some 
time.
your favourite internet search engine should help you find the 
appropriate press releases by the respective parties.



> https://bgp.he.net/AS398968


that is not a real-time view;  even the good people at he.net will tell 
you so.


-n.

[1]  dns, otoh ..
[2]  register, fix, ad automate your IRR entries *first*.  then, ..