nanog mailing list archives

Re: rpki vs. secure dns?

From: Nick Hilliard <nick () foobar org>
Date: Sun, 29 Apr 2012 21:08:20 +0100

On 29/04/2012 16:16, Alex Band wrote:

All in all, for an RPKI-specific court order to be effective in taking a
network offline, the RIR would have to tamper with the registry, inject
false data and try to make sure it's not detected so nobody applies a
local override.


You mean, like an FBI domain seizure on the basis of a US court order?

Realistically, it doesn't matter a whole lot if the occasional network here
or there applies a local override.  If their upstream transit provider
isn't carrying the prefix (on the basis of similar simultaneous court
orders), it's game over for that prefix.

Nick

Current thread:

Re: rpki vs. secure dns?, (continued)
- - - Re: rpki vs. secure dns? Alex Band (Apr 28)
    - Re: rpki vs. secure dns? Rubens Kuhl (Apr 28)
    - Re: rpki vs. secure dns? Phil Regnauld (Apr 28)
    - Re: rpki vs. secure dns? Alex Band (Apr 29)
    - Re: rpki vs. secure dns? Jennifer Rexford (Apr 29)
    - Message not available
    - Re: rpki vs. secure dns? Stephane Bortzmeyer (Apr 29)
    - Re: rpki vs. secure dns? Matthias Waehlisch (Apr 29)
    - Re: rpki vs. secure dns? David Conrad (Apr 29)
    - Re: rpki vs. secure dns? Alex Band (Apr 29)
    - Re: rpki vs. secure dns? Randy Bush (Apr 29)
    - Re: rpki vs. secure dns? Nick Hilliard (Apr 29)
    - Re: rpki vs. secure dns? Florian Weimer (Apr 30)
    - Re: rpki vs. secure dns? Nick Hilliard (Apr 29)
    - Re: rpki vs. secure dns? Alex Band (Apr 30)
    - Re: rpki vs. secure dns? Danny McPherson (Apr 30)
    - Re: rpki vs. secure dns? Dmitry Burkov (Apr 30)
    - Re: rpki vs. secure dns? Randy Bush (Apr 30)
    - Re: rpki vs. secure dns? Jared Mauch (Apr 30)
    - Re: rpki vs. secure dns? Christopher Morrow (Apr 30)
    - Re: rpki vs. secure dns? Dmitry Burkov (Apr 30)
    - Message not available
    - Re: rpki vs. secure dns? Stephane Bortzmeyer (Apr 28)

(Thread continues...)