On Sat, May 4, 2019 at 8:10 AM Töma Gavrichenkov <[email protected]> wrote: > On Sat, May 4, 2019, 4:28 AM Marilson Mapa <[email protected]> wrote: > > Let's be honest here. RPKI, BGPSec and BGP roles could help resolving the > issue of hijacking. > This initiative would tame it a bit at best, but must not be seen as anything > close to a silver bullet.
If ARIN can determine what router owners may or may not do, then in another year, a proposal something like this could be added on top of the "No Hijacking" rule, so no problem, right? : " 2.0 Using Number Resources with insecure versions of BGP is a Policy Violation Propagating a BGP announcement containing IP number resources with an insecure version of BGP is unacceptable behavior. An insecure BGP operation is understood to be the acceptance or announcement of any route received using BGP or other exterior routing protocol without the numbers and paths related to each route having been confirmed on the receiving side using BGPsec or comparable system according to RFCxxxx with authenticity of every announcement verified against an ARIN-Approved RPKI. " > Actually, one of the strongest concerns of mine with this proposal is that > this may slow down > the proper solution (routing security) deployment due to a false sense of > security it provides. > -- > Töma -- -JH _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
