IPv4 Hijacking For Idiots

Mark Andrews marka at isc.org
Wed Jun 7 01:55:53 CST 2017

In message <2541cadf-4a76-b172-b395-0822f18898f8 at bryanfields.net>, Bryan Fields writes:
> On 6/6/17 9:13 PM, Mark Andrews wrote:
> > Getting to that stage requires several companies to simultaneously
> > say "we will no longer accept <list> as valid mechanisms to verify
> > routes announcements.  You need to use X or else we won't accept
> > the announcement".  Yes, this requires guts to do.
> And what of legacy address holders?  ARIN will not permit RPKI use of their
> blocks.

This really doesn't prevent it being used.  RPKI could have a forth
CA for legacy holders that don't accept ARIN's terms for issuing
of RPKI.  You just need to co-ordinate yourselves.  There is nothing
magical about the current three other than they are accepted by

Or we can just abandon IPv4 and its legacy baggage and do it for


> -- 
> Bryan Fields
> 727-409-1194 - Voice
> http://bryanfields.net
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the NANOG mailing list