RPKI publication

• Previous message (by thread): RPKI publication
• Next message (by thread): Virtualization of everything
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks, but as I mentioned, I've got the validation/relying party side pretty well covered which is what Routinator is. I'm looking for options for running a delegated CA and potentially providing a publishing point.

-- 
Jeff

On November 25, 2018 5:45:21 PM EST, Michael Gehrmann <mgehrmann at atlassian.com> wrote:
>Hi Jeff,
>
>I've worked on getting routinator installed via ansible recently and
>had
>some success. Seems to be the most actively supported/developed rpki I
>have
>seen out of the 3 options.
>
>https://bitbucket.org/mjgehrmann/ansible-role-routinator
>
>Regards
>--
>MiCHAEL
>
>On Sat, 24 Nov 2018 at 12:52, Jeff McAdams <jeffm at iglou.com> wrote:
>
>> On Fri, November 23, 2018 18:20, Christopher Morrow wrote:
>> > On Fri, Nov 23, 2018 at 6:12 PM Jeff McAdams <jeffm at iglou.com>
>wrote:
>> >> On November 23, 2018 4:48:14 PM EST, Christopher Morrow <
>> >> morrowc.lists at gmail.com> wrote:
>> >>
>> >>> I think there are 3 options:
>> >>> ripe validator v2 (potentially v3?) -
>> >>> https://github.com/RIPE-NCC/rpki-validator
>> >>>
>> >>>
>> >>> https://github.com/RIPE-NCC/rpki-validator-3
>> >>> rpki.net validator - https://github.com/dragonresearch/rpki.net
>bbn
>> >>> rpstir - https://github.com/bgpsecurity/rpstir
>> >>
>> >> Like I said, validation and caching, "relying party", has several
>> >> options...several of which are relatively easy to run and manage. 
>It's
>> >> the CA and publishing for which no really good options (that I've
>found,
>> >> at least) are available currently.
>> >>
>> >
>> > the ca bits do exist in rpki.net's software set... they are a tad
>fiddly
>> > to setup/run though, yes.
>>
>> Oops, sorry, I missed the rpki.net reference in there (I read and
>replied
>> to that message from my phone).
>>
>> Yes, I spent several hours trying to even get the Ubuntu 18.04
>packages to
>> even install without errors.  I'm not particularly keen on installing
>a 2
>> 1/2 year old distro to run no-longer-supported version of the django
>> framework to support this, so I'm pretty much putting into the "not
>> reasonably current and maintained" category.
>>
>> --
>> Jeff
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20181125/6748f797/attachment.html>

• Previous message (by thread): RPKI publication
• Next message (by thread): Virtualization of everything
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]