A semi-structured collection of experiences, anecdotes, war stories and vendor gripes from the early experiences of deploying RPKI-based route origin validation at AS37271.
Routing security is vital to the future and stability of the Internet and implementing best available and crucial fixes needed to reduce the most common routing threats is important. Some of the available technologies in achieving this include the use Internet Routing Registries (IRR) and Resource Public Key Infrastructure (RPKI). These technologies assist network operators in the following: - Global Validation: Publish your data so others can validate routing information on a global scale.
To a large extent, the Internet has not been built on formal methods; principles of software engineering. Designers are proud that critical components were designed on a serviette, and no thought was given to security. We are paying the price for this in a myriad ways.
This depressing, and sometimes terrifying talk, looks at some of the causes and some of the results. It tries to give some clues toward a constructive future.
Randy Bush, Internet Initiative Japan
Learn how to go about participating in RPKI-based route origin validation, from issuing ROA's to selecting and configuring Relying Party software and incorporating the results into an existing routing policy.
Ben Maddison, Workonline Communications
- Putting security incident reports to use in improving your network
- DNSSEC implementation stats/DNSSEC as a business opportunity
- Practical RPKI
- What do the ISP market trends over the last decade tell us about the next decade?
- Wholesale mobile - hope on the horizon?
- Fibre - the anatomy of the SA market
- Transit vs. peering - a changing access model
- Panel debate: Enforcing open access models
- Running an effective abuse reporting system
- Law enforcement agencies and information requests
- ISPA mediation, complaints and take-downs
- Discussion: Adjudication/Appeal fines debate