rpki vs. secure dns?

Florian Weimer fw at deneb.enyo.de
Sat Apr 28 04:56:51 CDT 2012


* Paul Vixie:

> this seems late, compared to the various commitments made to rpki in
> recent years. is anybody taking it seriously?

The idea as such isn't new, this has been floating around for four
years or more, including at least one Internet draft,
draft-donnerhacke-sidr-bgp-verification-dnssec.

I don't know if we can get RPKI to deployment because RIPE and RIPE
NCC have rather serious issues with it.  On the other hand, there
doesn't seem to be anything else which keeps RIRs relevant in the
post-scarcity world, so we'll see what happens.



More information about the NANOG mailing list