Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

[Tom Beecher <beecher () beecher cc>]

https://blog.cloudflare.com/how-verizon-and-a-bgp-optimizer-knocked-large-parts-of-the-internet-offline-today

Keep mind rpki only solves misorigination.
>

I'm very well aware that RPKI only solves misorigination. But
misorigination is a significant problem, so that's a good problem to be
solved.

Not engaging with RPKI because it doesn't perfectly solve every
BGP-adjacent issue is a poor argument.

On Fri, May 17, 2024 at 7:24 PM Ca By <cb.list6 () gmail com> wrote:

> On Fri, May 17, 2024 at 4:20 PM Tom Beecher <beecher () beecher cc> wrote:
>
> > RPKI is not a good solution for all networks, especially those that are
> > > non-transit in nature and take reasonable mitigation actions like IRR
> > > prefix lists.
> >
> > Some of the largest , most impactful route leaks have come from
> > non-transit networks reliant on IRR managed prefix lists.
>
> Can you be more specific?
>
> Was it malicious?
>
> Who in the usa was impacted ?
>
> Keep mind rpki only solves misorigination.
>
>
> > On Fri, May 17, 2024 at 5:21 PM Ca By <cb.list6 () gmail com> wrote:
> >
> > > On Fri, May 17, 2024 at 2:02 PM Sean Donelan <sean () donelan com> wrote:
> > >
> > > > Sigh, industry hasn't solved spoofing and routing insecurity in two
> > > > decades.  If it was easy, everyone would have fixed it by now.
> > > >
> > > > Industry has been saying 'don't regulate us' for decades.
> > >
> > >
> > > I hope the regulations are more outcome focused.
> > >
> > > RPKI is not a good solution for all networks, especially those that are
> > > non-transit in nature and take reasonable mitigation actions like IRR
> > > prefix lists.
> > >
> > >
> > >
> > > >