[RPKI-Discuss] [Community-Discuss] 06 April 2019 RPKI incident - Postmortem report

Noah noah at neo.co.tz
Wed Apr 10 19:29:00 UTC 2019

On Wed, Apr 10, 2019 at 10:25 PM Amreesh Phokeer <amreesh at afrinic.net>

> Hi Noah,
> > On 10 Apr 2019, at 23:13, Noah <noah at neo.co.tz> wrote:
> >
> > Just curious could a bash/python script + cron locally on the Offline CA
> box achieve the same level of automation monthly without any manual
> intervention from humans.
> >
> > The human manual involvement can still be automated local to the same
> offline box imho.
> No because:
> (1) the Offline CA is kept offline (shutdown) in a secured environment and
> brought up only at the time of the refresh.

There is not way to automate this bruh....

(2) the box is not physically connected, so the CRLs and MFTs files need to
> be copied manually to the online repository.

Understood.... in this case the humans need to be automated so that they
are more efficient until such time when the robots will replace humans :-)

>> Amreesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpki-discuss/attachments/20190410/3e72b56b/attachment.html>

More information about the RPKI-Discuss mailing list