rpki vs. secure dns?

Rubens Kuhl rubensk at gmail.com
Sat Apr 28 14:21:34 CDT 2012

> In case you feel a BGP announcement should not be "RPKI Invalid" but something else, you do what's described on slide 15-17:
> https://ripe64.ripe.net/presentations/77-RIPE64-Plenery-RPKI.pdf

The same currently happens with DNSSEC, doing what Comcast calls
"negative trust anchors":


More information about the NANOG mailing list