rpki vs. secure dns?
Danny McPherson
danny at tcb.net
Mon Apr 30 14:53:05 UTC 2012
On Apr 28, 2012, at 6:34 AM, Alex Band wrote:
> All in all, RPKI has really good traction and with native router support in Cisco, Juniper and Quagga, this is only getting better.
We should be more careful with statements such as this, they're conflating important things that add to the confusion in this area.
None of these implementations support "RPKI" today. What they support is a new protocol for onboarding routing policy data (some call this a [VRP], essentially prefix,origin bindings) into soft state in a router.
-danny
[VRP] https://ripe64.ripe.net/presentations/74-120417.sidr-origin.pdf
More information about the NANOG
mailing list