IPv4 Hijacking For Idiots

Mark Andrews marka at isc.org
Wed Jun 7 01:55:53 UTC 2017


In message <2541cadf-4a76-b172-b395-0822f18898f8 at bryanfields.net>, Bryan Fields writes:
> On 6/6/17 9:13 PM, Mark Andrews wrote:
> > Getting to that stage requires several companies to simultaneously
> > say "we will no longer accept <list> as valid mechanisms to verify
> > routes announcements.  You need to use X or else we won't accept
> > the announcement".  Yes, this requires guts to do.
> 
> And what of legacy address holders?  ARIN will not permit RPKI use of their
> blocks.

This really doesn't prevent it being used.  RPKI could have a forth
CA for legacy holders that don't accept ARIN's terms for issuing
of RPKI.  You just need to co-ordinate yourselves.  There is nothing
magical about the current three other than they are accepted by
everyone.

Or we can just abandon IPv4 and its legacy baggage and do it for
IPv6.

Mark

> -- 
> Bryan Fields
> 
> 727-409-1194 - Voice
> http://bryanfields.net
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the NANOG mailing list