nanog mailing list archives
Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage)
From: Mark Tinka <mark.tinka () seacom mu>
Date: Mon, 1 Oct 2018 10:18:38 +0200
On 1/Oct/18 09:47, Alex Band wrote:
Thus, a continued outage of an RPKI CA (or publication server) will result in announcements with status NotFound. This means that the prefixes held by this CA will no longer benefit from protection by the RPKI. However, since only *invalid* announcements should be dropped, this should not lead to large scale outages in routing.
Indeed, and this is on the basis that operators are not overzealous about aggressively acting against a "NotFound" RPKI state. Mark.
Current thread:
- Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage) Alex Band (Oct 01)
- Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage) Mark Tinka (Oct 01)
- Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage) John Curran (Oct 01)
- Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage) Claudio Jeker (Oct 01)
- <Possible follow-ups>
- Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage) Mark Tinka (Oct 01)
- Re: Towards an RPKI-rich Internet (and the appropriate allocation of responsibility in the event an RIR RPKI CA outage) Nick Hilliard (Oct 01)