nanog mailing list archives
Re: rpki vs. secure dns?
From: Alex Band <alexb () ripe net>
Date: Sat, 28 Apr 2012 20:14:27 +0200
On 28 Apr 2012, at 19:45, Nick Hilliard wrote:
On 28/04/2012 18:27, Phil Regnauld wrote:To me that seems like the most obvious problem, but as Alex put it, "Everyone has the ability to apply an override on data they do not trust, or have a specific local policy for."So what do you suggest to do with a roa lookup which returns "Invalid"?
In case you feel a BGP announcement should not be "RPKI Invalid" but something else, you do what's described on slide 15-17: https://ripe64.ripe.net/presentations/77-RIPE64-Plenery-RPKI.pdf -Alex
Current thread:
- Re: rpki vs. secure dns?, (continued)
- Re: rpki vs. secure dns? Matthias Waehlisch (Apr 28)
- Re: rpki vs. secure dns? Florian Weimer (Apr 28)
- Re: rpki vs. secure dns? Randy Bush (Apr 28)
- Re: rpki vs. secure dns? Alex Band (Apr 28)
- Re: rpki vs. secure dns? Florian Weimer (Apr 28)
- Re: rpki vs. secure dns? Alex Band (Apr 28)
- Re: rpki vs. secure dns? Florian Weimer (Apr 28)
- Re: rpki vs. secure dns? Nick Hilliard (Apr 28)
- Re: rpki vs. secure dns? Phil Regnauld (Apr 28)
- Re: rpki vs. secure dns? Nick Hilliard (Apr 28)
- Re: rpki vs. secure dns? Alex Band (Apr 28)
- Re: rpki vs. secure dns? Rubens Kuhl (Apr 28)
- Re: rpki vs. secure dns? Phil Regnauld (Apr 28)
- Re: rpki vs. secure dns? Alex Band (Apr 29)
- Re: rpki vs. secure dns? Jennifer Rexford (Apr 29)
- Message not available
- Re: rpki vs. secure dns? Stephane Bortzmeyer (Apr 29)
- Re: rpki vs. secure dns? Matthias Waehlisch (Apr 29)
- Re: rpki vs. secure dns? David Conrad (Apr 29)
- Re: rpki vs. secure dns? Alex Band (Apr 29)
- Re: rpki vs. secure dns? Randy Bush (Apr 29)
- Re: rpki vs. secure dns? Nick Hilliard (Apr 29)