Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage)

• Previous message (by thread): Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage)
• Next message (by thread): Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/Oct/18 09:47, Alex Band wrote:

>
> Thus, a continued outage of an RPKI CA (or publication server) will result in announcements with status NotFound. This means that the prefixes held by this CA will no longer benefit from protection by the RPKI. However, since only *invalid* announcements should be dropped, this should not lead to large scale outages in routing.

Indeed, and this is on the basis that operators are not overzealous
about aggressively acting against a "NotFound" RPKI state.

Mark.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20181001/3c338c67/attachment.html>

• Previous message (by thread): Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage)
• Next message (by thread): Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]