Financial services BGP hijack last week?
Compton, Rich A
Rich.Compton at charter.com
Wed May 3 17:39:02 UTC 2017
The servers where the RPKI data is published (the Trust Anchor and the CAs) are referred to using a single URI, meaning that any sort of geographic redundancy or failover has to be handled via external means (anycast, load balancing, etc.) but rsync isn’t well-suited for this sort of implementation.
Rich Compton | Principal Eng | 314.596.2828
14810 Grasslands Dr, Englewood, CO 80112
From: <christopher.morrow at gmail.com<mailto:christopher.morrow at gmail.com>> on behalf of Christopher Morrow <morrowc.lists at gmail.com<mailto:morrowc.lists at gmail.com>>
Date: Tuesday, May 2, 2017 at 6:34 PM
To: Compton Rich A <rich.compton at charter.com<mailto:rich.compton at charter.com>>
Cc: Job Snijders <job at ntt.net<mailto:job at ntt.net>>, Nikos Leontsinis <nikosietf at gmail.com<mailto:nikosietf at gmail.com>>, NANOG list <nanog at nanog.org<mailto:nanog at nanog.org>>
Subject: Re: Financial services BGP hijack last week?
On Tue, May 2, 2017 at 11:21 AM, Compton, Rich A <Rich.Compton at charter.com<mailto:Rich.Compton at charter.com>> wrote:
That¹s the million dollar question. I think that there will be more
adoption from the Internet at large when some big players adopt it. Right
now the use of rsync in RPKI is preventing a lot of large ISPs from
implementing it (too difficult to provide redundancy with rsync). There is
how is it hard to provide redundancy with rsync?
E-MAIL CONFIDENTIALITY NOTICE:
The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.
More information about the NANOG