In message <CAA=nHSKbOHc7vSk5O+oPQ8459HyCk=t8py8czbhx+yhbe1t...@mail.gmail.com>
George Michaelson <[email protected]> wrote:

>The easy-to-use solution is to require external data to be signed by RPKI
>certificates from another RIR's system.
>
>1) it's time limited: all signed objects have a lifetime
>2) it's secure (as secure as PKI)
>3) it doesn't require massive effort to implement: a well formed object can
>be specified by anyone, and then signed by the prime resource holder using
>a certificate covering the resources. The receiving side can validate it
>directly.
>
>That's pretty much what I said to the microphone of the routing wg meeting.

Sounds good to me!

Could it be made to happen, um, yesterday?


Regards,
rfg


P.S.  I'm still a bit befuddled by what happened in this case.  Would it
be a fair characterization to say that what AS201640 has done in this
case is to exploit a kind of loophole which is uniquely present only
when the hijacker/squatter AS is registered in one RiR and the IP blocks
that are being hijacked/squatted are registered in a different RiR?

Also, could this scenario have been replicated if the origin AS had
been registered in/by ARIN, APNIC, LACNIC, or AFRINIC, rather than
RIPE?  If so, then a proper sort of fix will necessarily involve all
five RiRs, no?
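
The receiving-side checks described in the quoted proposal (an object lifetime, and a signing certificate that covers the resources), sketched as an added example that is not part of the original thread. It assumes the signature and certificate chain have already been verified by a CMS/X.509 library; the class names, fields and sample values are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_network

@dataclass
class ResourceCert:
    """Hypothetical stand-in for an already path-validated RPKI certificate."""
    prefixes: list          # IP resources the certificate covers
    not_before: datetime
    not_after: datetime

@dataclass
class ExternalObject:
    """Hypothetical signed object; its signature is assumed already verified."""
    origin_as: int
    prefixes: list          # address space the object makes a claim about
    not_before: datetime
    not_after: datetime

def covered(prefix, resources):
    """True if prefix lies entirely inside one of the certificate's resources."""
    p = ip_network(prefix)
    return any(p.version == r.version and p.subnet_of(r)
               for r in map(ip_network, resources))

def reasons_to_reject(obj, cert, now):
    """Return the list of failed checks; an empty list means accept."""
    problems = []
    if not cert.not_before <= now <= cert.not_after:
        problems.append("certificate outside its validity period")
    if not obj.not_before <= now <= obj.not_after:
        problems.append("object outside its lifetime")
    for prefix in obj.prefixes:
        if not covered(prefix, cert.prefixes):
            problems.append(f"{prefix} not covered by signing certificate")
    return problems

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

# Constructed sample data (documentation prefixes and a documentation ASN).
HOLDER_CERT = ResourceCert(["192.0.2.0/24", "2001:db8::/32"], utc(2023, 1, 1), utc(2026, 1, 1))
GOOD = ExternalObject(64500, ["192.0.2.0/25", "2001:db8:1::/48"], utc(2024, 1, 1), utc(2024, 12, 31))
FOREIGN = ExternalObject(64500, ["198.51.100.0/24"], utc(2024, 1, 1), utc(2024, 12, 31))

if __name__ == "__main__":
    for obj in (GOOD, FOREIGN):
        print(obj.prefixes, reasons_to_reject(obj, HOLDER_CERT, utc(2024, 6, 1)) or "accept")
```

An object naming address space outside the signer's certificate is rejected regardless of which registry holds the origin AS, and an object past its lifetime is rejected even when the coverage check passes.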
