Reaching out to ARIN members about their RPKI INVALID prefixes

• Previous message (by thread): Reaching out to ARIN members about their RPKI INVALID prefixes
• Next message (by thread): Reaching out to ARIN members about their RPKI INVALID prefixes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Owen,

You are correct in that RPKI leaves many problems unsolved.

One that it does solve is prefix splitting.
If I issue a ROA for prefix 10.1.2.0/23, any announcement of 10.1.2.0/24 (including mine) will be declared INVALID, because that announcement is covered by the ROA and the mask length is longer than maxlen.

Of course, as you rightly point out, if I do NOT announce that prefix myself, then anyone is free to announce it anywhere and have it declared VALID just by prepending my ASN.

Regards,
Jakob.

-----Original Message-----
Date: Tue, 18 Sep 2018 14:18:55 -0700
From: Owen DeLong <owen at delong.com>

What does RPKI offer other than a way to know what to spoof in a prepend for your forged announcement?

• Previous message (by thread): Reaching out to ARIN members about their RPKI INVALID prefixes
• Next message (by thread): Reaching out to ARIN members about their RPKI INVALID prefixes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]