Re: adding graphs for actually unreachable RPKI INVALID prefixes to RPKI Monitor?

[Job Snijders <job () ntt net>]

On Mon, 17 Sep 2018 at 18:38, nusenu <nusenu-lists () riseup net> wrote:

> Dear NIST RPKI Monitor Team,
>
> thanks for creating and maintaining the RPKI Monitor
> https://rpki-monitor.antd.nist.gov/#rpki_adopters
> I've seen your graphs in multiple routing security presentations :)
>
> What do you think about adding graphs that show the amount of actually
> unreachable prefixes and IP space? (prefix where no alternative
> valid/unknown announcement exists)
>
> I think such graphs would help us focus on those prefixes that we should
> have to tackle first.



Agreed. Increased visibility will help all of us. Tracking this data over
time would be a beneficial tool.


This page contains examples of INVALID prefixes that would still be
> reachable in a route origin validating
> environment (see the RPKI validator screenshots):
> https://medium.com/@nusenu/towards-cleaning-up-rpki-invalids-d69b03ab8a8c



Nusenu thank you for your thorough analysis. This is very useful
information.

Kind regards,

Job